MTP_DM_PALservices files in Temp folder, with log file

gertcor
1 answer
  • Recently I have been seeing a number of files in my Temp folder named MTP_DM_PALservices followed by a date and .txt
    In the last 2 weeks the only hardware I have installed is an MP3 player from Philips.
    Below are a Hijack log and then a part of the file mentioned above.
    Tonight I ran the following scans but found nothing.
    (AdAware, Spybot, AVG free and AVG anti spyware)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:52:24, on 20-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Philips\SA33XX\Philips Device Manager\Bin\SA33XXDeviceManager.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Outlook Express\Msimn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [PhilipsSA33XXDM] C:\Program Files\Philips\SA33XX\Philips Device Manager\Bin\SA33XXDeviceManager.exe OS_STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ADSL Basis.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100899834476
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {A92E0798-BFA4-4FEE-BB48-8E2C69B2B0C5} (PageDive Control) - http://www.pagedive.com/pagedive5630/PageDive5.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5A659528-03FD-4B3B-9D9E-356358FF4D59}: NameServer = 194.109.104.104 194.109.6.66
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe


    End of file - 7466 bytes

    And here is the file mentioned earlier:

    Year=2007,month=12,weekday=4,day=20,hour=18,minute=16
    INFO:: CWMDMClient::RegisterForNotification() - Enter
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Exit
    INFO:: CRegistryHandler::GetDefaultThreadWakeupInterval - Enter
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetDefaultThreadWakeupInterval - Exit
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Entry
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Exit
    INFO:: CHelp::Initialize() - Enter
    INFO:: CHelp::Initialize() - Exit
    INFO:: CHelp::HttpThreadRoutine() - Enter
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Exit
    INFO:: CRegistryHandler::SetIsBusy - Entry
    INFO:: CRegistryHandler::SetRegEntry - Entry
    INFO:: CRegistryHandler::SetRegEntry - Exit
    INFO:: CRegistryHandler::SetIsBusy - Exit
    INFO:: CHelp::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::CDeviceHandler() - Enter
    INFO:: CDeviceHandler::CDeviceHandler() - Exit
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Enter
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Exit
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Enter
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Exit
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Entry
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Exit
    INFO:: Before MAP
    ERROR:: CHelp::GetConnectedDevices() - Map size if zero in DeviceHandler
    INFO:: CHelp::GetConnectedDevices() - Exit
    INFO:: CHTTPServices::CHTTPServices: - Constructor Enter
    INFO:: CHTTPServices::CHTTPServices: - Constructor Exit
    INFO:: CHTTPServices::ISInternetConnAvailable: - Enter
    INFO:: CHelp::IsInternetConnAvailable() - Enter
    INFO:: CHTTPServices::CHTTPServices: - Constructor Enter
    INFO:: CHTTPServices::CHTTPServices: - Constructor Exit
    INFO:: CHTTPServices::ISInternetConnAvailable: - Enter
    INFO:: CHelp::ISInternetConnAvailable() - Exit
    INFO:: CHTTPServices::~CHTTPServices: - Destructor Enter
    INFO:: CHTTPServices::~CHTTPServices: - Destructor Exit
    INFO:: CHelp::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Enter
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler —- Constructor - Exit
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Enter
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Exit
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Entry
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Exit
    INFO:: Before MAP
    ERROR:: CHelp::GetConnectedDevices() - Map size if zero in DeviceHandler
    INFO:: CHelp::GetConnectedDevices() - Exit
    INFO:: CHelp::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Enter

    This is only 20% of the contents.

    Who can tell me where these files come from, and how does my log look?

This is an archived page. Replying is no longer possible.