Hi, Oriam.
This is the contents of the unzipped logfile which you posted:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ egui Eset GUI (Verified) ESET, spol. s r.o. c:\program files\eset\eset nod32 antivirus\egui.exe
+ NvCplDaemon NVIDIA Display Properties Extension (Verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ NvMediaCenter NVIDIA Media Center Library (Not verified) NVIDIA Corporation c:\windows\system32\nvmctray.dll
+ NvSvc NVIDIA Driver Helper Service, Version 169.09 (Not verified) NVIDIA Corporation c:\windows\system32\nvsvc.dll
+ SunJavaUpdateSched Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\jusched.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ Eset Smart Security - Context Menu Shell Extension Shell Extension (Verified) ESET, spol. s r.o. c:\program files\eset\eset nod32 antivirus\shellext.dll
+ Handy Backup Handy Backup Pro Shell Extension DLL (Not verified) Novosoft c:\program files\novosoft\handy backup pro\hbshell.dll
+ NvCpl DesktopContext Class NVIDIA Display Properties Extension (Verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ Play on my TV helper NVIDIA Display Properties Extension (Verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ WinRAR shell extension c:\program files\winrar\rarext.dll
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension PDF Shell Extension (Not verified) Adobe Systems, Inc. c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ Adobe PDF Reader Link Helper Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems, Incorporated c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
+ SSVHelper Class Java(TM) Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\ssv.dll
HKLM\System\CurrentControlSet\Services
+ ekrn Eset Service (Verified) ESET, spol. s r.o. c:\program files\eset\eset nod32 antivirus\ekrn.exe
+ Handy Backup Pro Agent Handy Backup Pro 2.0 Agent (Not verified) Novosoft c:\program files\novosoft\handy backup pro\hbagent.exe
+ LVSrvLauncher Launcher for Logitech Video Components. (Verified) Logitech Inc c:\program files\common files\logishrd\srvlnch\srvlnch.exe
+ PDAgent This service controls PerfectDisk's scheduling and remote communication. (Verified) Raxco Software, Inc. c:\program files\raxco\perfectdisk\pdagent.exe
+ Roxio Upnp Server 10 RoxioUpnpService10 Module (Verified) Sonic Solutions c:\program files\roxio\digital home 10\roxioupnpservice10.exe
+ RoxLiveShare10 Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9. (Verified) Sonic Solutions c:\program files\common files\roxio shared\10.0\sharedcom\roxliveshare10.exe
+ RoxWatch10 RoxSniffer10 Module (Verified) Sonic Solutions c:\program files\common files\roxio shared\10.0\sharedcom\roxwatch10.exe
HKLM\System\CurrentControlSet\Services
+ AsIO (Verified) ASUSTeK Computer Inc. c:\windows\system32\drivers\asio.sys
+ c2scsi Roxio virtual SCSI miniport (Verified) Sonic Solutions c:\windows\system32\drivers\c2scsi.sys
+ eamon Eset file on-access scanner (Verified) ESET, spol. s r.o. c:\windows\system32\drivers\eamon.sys
+ easdrv Eset AntiStealth driver (Verified) ESET, spol. s r.o. c:\windows\system32\drivers\easdrv.sys
+ epfwtdir EPFW Filter Driver (Verified) ESET, spol. s r.o. c:\windows\system32\drivers\epfwtdir.sys
+ LVcKap Logitech Kernel Audio Processing Filter Driver (Verified) Logitech Inc c:\windows\system32\drivers\lvckap.sys
+ LVMVDrv Logitech Machine Vision Engine Loader (Verified) Logitech Inc c:\windows\system32\drivers\lvmvdrv.sys
+ nvlddmkm NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 169.09 (Not verified) NVIDIA Corporation c:\windows\system32\drivers\nvlddmkm.sys
+ PxHelp20 Px Engine Device Driver for Windows 2000/XP (Verified) Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ PDBoot.exe PerfectDisk Boot Time Defragmentation (Verified) Raxco Software, Inc. c:\windows\system32\pdboot.exe
I am 99.9% sure that this is an Autoruns logfile.
But I am 100% sure this is not a RootkitRevealer logfile.
You posted the wrong logfile obviously. Telling from the link inside your initial post, it looks as if you inserted a totally incorrect link into your initial post. The link does not point to your RKR logfile, but to an (old) Autoruns logfile once posted by user Mynd (as far as I can tell. => cf. here, please: the link to Mynd's Autoruns logfile looks exactly like the link you posted inside your initial message.)
HTH,
Karl
Edited by Karlchen - 22 January 2008 at 1:37am