Questions & Answers

Security & privacy

MTP_DM_PALservices files in Temp folder, with log file

1 answer
  • Recently I have been seeing a number of files in my Temp folder named MTP_DM_PALservices followed by a date and .txt. In the last 2 weeks the only hardware I have installed is a Philips MP3 player. Below is a Hijack log, followed by a piece of the aforementioned file. Tonight I ran the following scans but found nothing (AdAware, Spybot, AVG Free and AVG Anti-Spyware).

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:52:24, on 20-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Philips\SA33XX\Philips Device Manager\Bin\SA33XXDeviceManager.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Outlook Express\Msimn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [PhilipsSA33XXDM] C:\Program Files\Philips\SA33XX\Philips Device Manager\Bin\SA33XXDeviceManager.exe OS_STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: ADSL Basis.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100899834476
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {A92E0798-BFA4-4FEE-BB48-8E2C69B2B0C5} (PageDive Control) - http://www.pagedive.com/pagedive5630/PageDive5.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5A659528-03FD-4B3B-9D9E-356358FF4D59}: NameServer = 194.109.104.104 194.109.6.66
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

    --
    End of file - 7466 bytes

    And here is the aforementioned file:

    Year=2007,month=12,weekday=4,day=20,hour=18,minute=16
    INFO:: CWMDMClient::RegisterForNotification() - Enter
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Exit
    INFO:: CRegistryHandler::GetDefaultThreadWakeupInterval - Enter
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetDefaultThreadWakeupInterval - Exit
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Entry
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Exit
    INFO:: CHelp::Initialize() - Enter
    INFO:: CHelp::Initialize() - Exit
    INFO:: CHelp::HttpThreadRoutine() - Enter
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Exit
    INFO:: CRegistryHandler::SetIsBusy - Entry
    INFO:: CRegistryHandler::SetRegEntry - Entry
    INFO:: CRegistryHandler::SetRegEntry - Exit
    INFO:: CRegistryHandler::SetIsBusy - Exit
    INFO:: CHelp::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::CDeviceHandler() - Enter
    INFO:: CDeviceHandler::CDeviceHandler() - Exit
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Enter
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Exit
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Enter
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Exit
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Entry
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Exit
    INFO:: Before MAP
    ERROR:: CHelp::GetConnectedDevices() - Map size if zero in DeviceHandler
    INFO:: CHelp::GetConnectedDevices() - Exit
    INFO:: CHTTPServices::CHTTPServices: - Constructor Enter
    INFO:: CHTTPServices::CHTTPServices: - Constructor Exit
    INFO:: CHTTPServices::ISInternetConnAvailable: - Enter
    INFO:: CHelp::IsInternetConnAvailable() - Enter
    INFO:: CHTTPServices::CHTTPServices: - Constructor Enter
    INFO:: CHTTPServices::CHTTPServices: - Constructor Exit
    INFO:: CHTTPServices::ISInternetConnAvailable: - Enter
    INFO:: CHelp::ISInternetConnAvailable() - Exit
    INFO:: CHTTPServices::~CHTTPServices: - Destructor Enter
    INFO:: CHTTPServices::~CHTTPServices: - Destructor Exit
    INFO:: CHelp::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Enter
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Entry
    INFO:: CRegistryHandler::SetBaseRegKey - Exit
    INFO:: CRegistryHandler::CRegistryHandler ---- Constructor - Exit
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Enter
    INFO:: CRegistryHandler::GetRegEntry - Entry
    INFO:: CRegistryHandler::GetRegEntry - exit
    INFO:: CRegistryHandler::GetSigmatelRecoveryFolder - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Exit
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Entry
    INFO:: CRegistryHandler::~CRegistryHandler - Destructor - Exit
    INFO:: Before MAP
    ERROR:: CHelp::GetConnectedDevices() - Map size if zero in DeviceHandler
    INFO:: CHelp::GetConnectedDevices() - Exit
    INFO:: CHelp::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::GetConnectedDevices() - Enter
    INFO:: CDeviceHandler::GetInstance() - Enter
    INFO:: CDeviceHandler::GetInstance() - Exit
    INFO:: CWMDMClient::SetSigmaTelBaseLoc() - Enter

    This is only 20% of the contents. Who can tell me where these files come from, and how does my log look?


This is an archived page. Replying is no longer possible.