
A looooooooot of spyware


  • A looooooooot of spyware

    Hello, sorry, but I too can't get rid of this spyware anymore. I have already tried all sorts of things; I hope you know more about it than I do. Thanks in advance.

    Logfile of HijackThis v1.99.0
    Scan saved at 23:18:46, on 30-12-2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
    C:\WINDOWS\qkdeokgl.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\WINDOWS\System32\ntcpl.exe
    C:\WINDOWS\System32\ntsys32.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
    C:\Program Files\FinePixViewer\QuickDCF.exe
    C:\WINDOWS\System32\devldr32.exe
    C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
    C:\Program Files\interMute\SpySubtract\SpySub.exe
    C:\WINDOWS\System32\ntsys.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
    C:\Program Files\ISTsvc\istsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Schillemans\Bureaublad\hjt\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/EnterOne/Portal/portal.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.zeelandnet.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\IEHelper.dll
    O2 - BHO: (no name) - {FD3A6AB4-5527-4B52-90AF-F90CD3270861} - C:\WINDOWS\system32\inetconnect.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
    O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
    O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
    O4 - HKLM\..\Run: [Fortis Secure Layer Config] cseinst.exe -o-h
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
    O4 - HKLM\..\Run: [ntsysl] C:\WINDOWS\System32\ntsysl.exe
    O4 - HKLM\..\Run: [MSUpdate] c:\CriticalUpdate.exe
    O4 - HKLM\..\Run: [RegistryMonitor] c:\registry.pif
    O4 - HKLM\..\Run: [Microsoft Security Hot Fix Update] "%SystemRoot%\mshotfix.exe"
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [rBcP0] C:\WINDOWS\qkdeokgl.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
    O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
    O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4\PopupStopper.exe"
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
    O4 - Global Startup: Exif Launcher.lnk = ?
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/installer.v4/vet_install_popup.pl?0&4&unknown&unknown&unknown&unknown
    O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\setup.exe
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaInitialSetup1.0.0.8.cab
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1008_1034_pack_XP.cab
    O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F7E7FE39-7298-442F-97CE-B7A5E9AFE12D} (Info Class) - http://www0.spelpunt.nl/idtool.cab
    O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://mirror.worldwinner.com/games/v51/h2hpool/h2hpool.cab
    O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: PC-cillin PersonalFirewall - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
    O23 - Service: Trend NT Realtime Service - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
    O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)

  • #2
    Hi Jukkie,

    1. Check the lines below in HijackThis:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/EnterOne/Portal/portal.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R3 - Default URLSearchHook is missing

    O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} - C:\WINDOWS\system32\IEHelper.dll
    O2 - BHO: (no name) - {FD3A6AB4-5527-4B52-90AF-F90CD3270861} - C:\WINDOWS\system32\inetconnect.dll

    O4 - HKLM\..\Run: [ntsysl] C:\WINDOWS\System32\ntsysl.exe
    O4 - HKLM\..\Run: [MSUpdate] c:\CriticalUpdate.exe
    O4 - HKLM\..\Run: [RegistryMonitor] c:\registry.pif
    O4 - HKLM\..\Run: [Microsoft Security Hot Fix Update] "%SystemRoot%\mshotfix.exe"
    O4 - HKLM\..\Run: [rBcP0] C:\WINDOWS\qkdeokgl.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
    O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
    O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe
    O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe

    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTS...nknown&unknown
    O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\setup.exe
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.8.cab
    O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} - http://akamai.downloadv3.com/binarie...34_pack_XP.cab
    O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB
    2. Close all other windows and browsers, and click the “Fix Checked” button.

    3. Restart in safe mode.
    Make sure hidden files and folders are visible: Explorer > Tools > Folder Options > View tab > scroll down and select the option "Show hidden files and folders".

    4. Open Windows Explorer (right-click Start - Explore). Find and delete the following:
    Folders:
    C:\Program Files\Viewpoint
    C:\Program Files\ISTsvc
    C:\Program Files\Common Files\GMT
    C:\Program Files\EnterOne

    Files:
    C:\WINDOWS\System32\ntsysl.exe
    c:\CriticalUpdate.exe
    C:\WINDOWS\qkdeokgl.exe
    C:\Windows\mshotfix.exe
    C:\WINDOWS\System32\ntcpl.exe

    5. Restart in normal mode, create a new log with HijackThis, and post it here.
    Last edited by H@ns; 31-12-04, 17:39.



    • #3
      2nd hijack log, thanks in advance

      Good morning Hans

      Nice of you to help me. I don't understand how you can make sense of so many lines, but here is my new hijack log.
      By the way, I couldn't find a number of folders and/or files, namely:
      - c:\programfiles\common files\GMT
      - c:\criticalupdate.exe
      - c:\windows\qkdeokgl.exe

      Is there still hope for my little computer?


      Regards, Jukkie

      Logfile of HijackThis v1.99.0
      Scan saved at 11:49:47, on 2-1-2005
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
      C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
      C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
      C:\Program Files\FinePixViewer\QuickDCF.exe
      C:\Program Files\interMute\SpySubtract\SpySub.exe
      C:\WINDOWS\System32\devldr32.exe
      C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
      C:\Documents and Settings\Schillemans\Bureaublad\hjt\hijackthis.exe
      C:\WINDOWS\System32\wuauclt.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/EnterOne/Portal/portal.html
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.zeelandnet.nl/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
      O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
      O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
      O4 - HKLM\..\Run: [Fortis Secure Layer Config] cseinst.exe -o-h
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
      O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
      O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
      O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
      O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
      O4 - HKLM\..\Run: [rBcP0] C:\WINDOWS\qkdeokgl.exe
      O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4\PopupStopper.exe"
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
      O4 - Global Startup: Exif Launcher.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldwinner.com/games/shared/wwlaunch.cab
      O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
      O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
      O16 - DPF: {F7E7FE39-7298-442F-97CE-B7A5E9AFE12D} (Info Class) - http://www0.spelpunt.nl/idtool.cab
      O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://mirror.worldwinner.com/games/v51/h2hpool/h2hpool.cab
      O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: PC-cillin PersonalFirewall - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
      O23 - Service: Trend NT Realtime Service - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
      O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)



      • #4
        Hi Jukkie,

        1. Start HijackThis and check the lines below:

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/EnterOne/Portal/portal.html

        O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
        O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
        O4 - HKLM\..\Run: [rBcP0] C:\WINDOWS\qkdeokgl.exe
        O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe
        2. Close all other windows and browsers, and click the “Fix Checked” button.

        3. Restart in safe mode.
        Make sure hidden files and folders are visible: Explorer > Tools > Folder Options > View tab > scroll down and select the option "Show hidden files and folders".

        4. Open Windows Explorer (right-click Start - Explore). Find and delete the following:
        Folders:
        C:\Program Files\EnterOne
        C:\Program Files\ISTsvc

        Files:
        C:\WINDOWS\qkdeokgl.exe
        C:\WINDOWS\System32\ntcpl.exe

        5. Restart in normal mode, create a new log with HijackThis, and post it here.



        • #5
          The third

          Hi Hans

          Here is the third hijack log.
          The files and folders were no longer there.

          Logfile of HijackThis v1.99.0
          Scan saved at 16:54:46, on 3-1-2005
          Platform: Windows XP (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 (6.00.2600.0000)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
          C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
          C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
          C:\Program Files\QuickTime\qttask.exe
          C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
          C:\Program Files\MSN Messenger\MsnMsgr.Exe
          C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
          C:\Program Files\FinePixViewer\QuickDCF.exe
          C:\Program Files\interMute\SpySubtract\SpySub.exe
          C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
          C:\WINDOWS\System32\devldr32.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
          C:\Program Files\Outlook Express\msimn.exe
          C:\Documents and Settings\Schillemans\Bureaublad\hijackthis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/
          R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.zeelandnet.nl/
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
          O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
          O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
          O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
          O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
          O4 - HKLM\..\Run: [Fortis Secure Layer Config] cseinst.exe -o-h
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
          O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
          O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
          O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4\PopupStopper.exe"
          O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
          O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
          O4 - Global Startup: Exif Launcher.lnk = ?
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
          O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
          O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldwinner.com/games/shared/wwlaunch.cab
          O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
          O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
          O16 - DPF: {F7E7FE39-7298-442F-97CE-B7A5E9AFE12D} (Info Class) - http://www0.spelpunt.nl/idtool.cab
          O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://mirror.worldwinner.com/games/v51/h2hpool/h2hpool.cab
          O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
          O23 - Service: PC-cillin PersonalFirewall - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
          O23 - Service: Trend NT Realtime Service - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
          O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)



          • #6
            Hi Jukkie,

            Restart in safe mode and fix this line:

            O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe

            Restart in normal mode, create a new log, and post it here.



            • #7
              Hello Hans
              Here is another one.
              I think we are heading in the right direction; at first glance I'm no longer having trouble with anything.
              Thanks

              Logfile of HijackThis v1.99.0
              Scan saved at 22:56:21, on 3-1-2005
              Platform: Windows XP (WinNT 5.01.2600)
              MSIE: Internet Explorer v6.00 (6.00.2600.0000)

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\Explorer.EXE
              C:\WINDOWS\system32\spoolsv.exe
              C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
              C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
              C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
              C:\Program Files\QuickTime\qttask.exe
              C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
              C:\Program Files\MSN Messenger\MsnMsgr.Exe
              C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
              C:\Program Files\FinePixViewer\QuickDCF.exe
              C:\Program Files\interMute\SpySubtract\SpySub.exe
              C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
              C:\WINDOWS\System32\devldr32.exe
              C:\WINDOWS\System32\svchost.exe
              C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
              C:\WINDOWS\System32\wuauclt.exe
              C:\Documents and Settings\Schillemans\Bureaublad\hijackthis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.zeelandnet.nl/
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
              O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
              O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
              O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
              O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
              O4 - HKLM\..\Run: [Fortis Secure Layer Config] cseinst.exe -o-h
              O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
              O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
              O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
              O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
              O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
              O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
              O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
              O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4\PopupStopper.exe"
              O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
              O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
              O4 - Global Startup: Exif Launcher.lnk = ?
              O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
              O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
              O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldwinner.com/games/shared/wwlaunch.cab
              O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
              O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
              O16 - DPF: {F7E7FE39-7298-442F-97CE-B7A5E9AFE12D} (Info Class) - http://www0.spelpunt.nl/idtool.cab
              O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://mirror.worldwinner.com/games/v51/h2hpool/h2hpool.cab
              O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
              O23 - Service: PC-cillin PersonalFirewall - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
              O23 - Service: Trend NT Realtime Service - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
              O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)



              • #8
                That O4 line you had to fix earlier is a persistent one, by the looks of it.

                Have you already installed Ad Aware SE?

                If so, update it. If not, install and update it: http://www.nucia.eu/adaware/handleiding.html

                Restart in safe mode, run a full system scan with Ad Aware, and restart in normal mode again. Create a new HijackThis log and post it here.

                Comment
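The check that post #8 makes by eye, comparing the lines ticked for "Fix Checked" with the next scan, written out as an added example (not part of the thread and not HijackThis code). The function names are hypothetical and the sample lines are excerpts copied from posts #4 and #5; `odd_run_names` goes slightly beyond the thread by flagging Run value names that contain characters outside printable ASCII or an embedded path, a heuristic assumed here for spotting malformed entries like the one that kept coming back.

```python
import re

# Entry lines start with a section code such as R0, O4 or O23.
ENTRY_RE = re.compile(r"^(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
# O4 registry autoruns: "O4 - HKLM\..\Run: [value name] command".
# The greedy (.*) keeps a "]" inside the value name from ending the match early.
RUN_RE = re.compile(r"^O4 - (HK(?:LM|CU))\\\.\.\\(Run\w*): \[(.*)\] (.+)$")


def entries(log_text):
    """Return the entry lines of a HijackThis log, whitespace-normalised, in order."""
    out = []
    for raw in log_text.splitlines():
        line = " ".join(raw.split())
        if ENTRY_RE.match(line):
            out.append(line)
    return out


def persisted(fix_list, next_log):
    """Entries that were checked for fixing but still appear in the next scan."""
    still_there = set(entries(next_log))
    return [e for e in entries(fix_list) if e in still_there]


def removed(fix_list, next_log):
    """Entries that were checked for fixing and are gone from the next scan."""
    still_there = set(entries(next_log))
    return [e for e in entries(fix_list) if e not in still_there]


def odd_run_names(log_text):
    """Run entries whose value name is malformed (heuristic, assumed here):
    characters outside printable ASCII, or a drive path inside the name."""
    hits = []
    for line in entries(log_text):
        m = RUN_RE.match(line)
        if not m:
            continue
        hive, _key, name, command = m.groups()
        non_printable = any(not (32 <= ord(c) < 127) for c in name)
        embedded_path = re.search(r"[A-Za-z]:\\", name) is not None
        if non_printable or embedded_path:
            hits.append((hive, name, command))
    return hits


# Excerpts copied from the thread: the entry that survived each fix ...
STUBBORN = r'''O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe'''

# ... the lines post #4 asked to check ...
FIX_LIST = "\n".join([
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/EnterOne/Portal/portal.html",
    STUBBORN,
    r"O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe",
    r"O4 - HKLM\..\Run: [rBcP0] C:\WINDOWS\qkdeokgl.exe",
    r"O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\System32\ntcpl.exe",
])

# ... and a few lines of the scan posted afterwards in post #5.
NEXT_LOG = "\n".join([
    "Logfile of HijackThis v1.99.0",
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/",
    r"O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe",
    STUBBORN,
    r'O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background',
    r"O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)",
])

if __name__ == "__main__":
    for line in persisted(FIX_LIST, NEXT_LOG):
        print("still present:", line)
    for hive, name, command in odd_run_names(NEXT_LOG):
        print("malformed Run value name in", hive, "->", command)
```
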


                • #9
                  Hi Hans

                  During the Ad-Aware scan I got 51 objects that it had found.
                  Below is yet another new hijack log.
                  Once again, thanks for your help.

                  Logfile of HijackThis v1.99.0
                  Scan saved at 17:47:01, on 4-1-2005
                  Platform: Windows XP (WinNT 5.01.2600)
                  MSIE: Internet Explorer v6.00 (6.00.2600.0000)

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
                  C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
                  C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
                  C:\Program Files\QuickTime\qttask.exe
                  C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
                  C:\Program Files\MSN Messenger\MsnMsgr.Exe
                  C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
                  C:\Program Files\FinePixViewer\QuickDCF.exe
                  C:\WINDOWS\System32\devldr32.exe
                  C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
                  C:\WINDOWS\System32\wuauclt.exe
                  c:\Program Files\interMute\SpySubtract\SpySub.exe
                  C:\Documents and Settings\Schillemans\Bureaublad\hijackthis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zeelandnet.nl/
                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.zeelandnet.nl/
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
                  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
                  O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
                  O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
                  O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
                  O4 - HKLM\..\Run: [Fortis Secure Layer Config] cseinst.exe -o-h
                  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
                  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
                  O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
                  O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
                  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
                  O4 - HKLM\..\Run: [rBcP0+¿ÔÇè]Iú"*‹üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\qkdeokgl.exe
                  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
                  O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4\PopupStopper.exe"
                  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                  O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
                  O4 - Global Startup: Exif Launcher.lnk = ?
                  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                  O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
                  O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldwinner.com/games/shared/wwlaunch.cab
                  O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
                  O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
                  O16 - DPF: {F7E7FE39-7298-442F-97CE-B7A5E9AFE12D} (Info Class) - http://www0.spelpunt.nl/idtool.cab
                  O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://mirror.worldwinner.com/games/v51/h2hpool/h2hpool.cab
                  O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
                  O23 - Service: PC-cillin PersonalFirewall - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
                  O23 - Service: Trend NT Realtime Service - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
                  O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)



                  • #10
                    Hi Jukkie,

                    Open Notepad, and copy and paste the contents of the box below into a new text file. Save it as "Export.bat" on your desktop.

                    Code:
                    regedit /e domains.reg "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
                    Find "Export.bat" on your desktop and double-click it. This will create a file on your desktop named "domains.reg". Add this domains.reg to your reply.
                    Last edited by H@ns; 06-01-05, 09:15.

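As an added example (not part of the original thread), this Python sketch parses the kind of file that `regedit /e` writes for the Run key and lists the entries worth checking by hand. The sample export is constructed from O4 lines in the log above, and the two triage rules are assumptions of this example, not a verdict on any entry.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample of a `regedit /e` export of the Run key. Entries are
# modelled on O4 lines from the log above; the odd value name is shortened.
SAMPLE_REG = (r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\PC-cillin 2002\\pccguide.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"AtiPTA"="atiptaxx.exe"
''' + '"r\u00bf\u00d4\u00c7\u00e8"="C:\\\\WINDOWS\\\\qkdeokgl.exe"\n').encode("utf-16")

# "name"="data" lines (REG_SZ only); quotes and backslashes are backslash-escaped.
ENTRY = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    return re.sub(r'\\(.)', r'\1', s)

def parse_run_export(raw):
    """Return {value name: command line} from an exported .reg file."""
    # Version 5.00 exports are UTF-16 with a BOM; REGEDIT4 files are ANSI.
    bom = raw[:2] in (b"\xff\xfe", b"\xfe\xff")
    text = raw.decode("utf-16" if bom else "cp1252")
    entries = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries[unescape(m.group(1))] = unescape(m.group(2))
    return entries

def executable(cmd):
    # Program path of a Run command line, with or without surrounding quotes.
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = re.match(r'(.+?\.exe)\b', cmd, re.IGNORECASE)
    return m.group(1) if m else cmd

def triage(entries):
    """Return {value name: [reasons]} for entries to check by hand."""
    findings = {}
    for name, cmd in entries.items():
        reasons = []
        if any(not 0x20 <= ord(c) <= 0x7e for c in name):
            reasons.append("value name contains non-printable or non-ASCII characters")
        if PureWindowsPath(executable(cmd)).parent == PureWindowsPath(r"C:\WINDOWS"):
            reasons.append("program sits directly in the Windows directory")
        if reasons:
            findings[name] = reasons
    return findings
```

Calling `triage(parse_run_export(open("domains.reg", "rb").read()))` runs the same checks on a real export.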


                    • #11
                      Hi Hans

                      Do I have to add that domain.reg as an attachment then?
                      Sorry, I don't know all that much about this, but I did everything as you said, and on the desktop there is now a "domains" registry file. When I double-click it, it says it is saving something, but I can't get it to open.
                      Thanks in advance

                      Jukkies



                      • #12
                        Click "Post reply", and then scroll down.

                        There you will see "Manage Attachments"; click on it. Then find the domains.reg file on your desktop and upload it.

                        Clear enough?



                        • #13
                          Hi Hans

                          It says that this is an invalid file type.
                          So am I not cut out for a computer after all, as my wife always says?

                          jukkies



                          • #14
                            Don't worry, that wasn't your fault.

                            Right-click domains.reg > Send To > Compressed (zipped) Folder

                            Then upload this folder to the forum, and it should work!
                            Last edited by H@ns; 06-01-05, 11:52.



                            • #15
                              OK

                              Here's hoping, then
                              Attached Files
