Ga naar inhoud

[OPGELOST] Programma's starten traag op...


Aanbevolen berichten

kan iemand onderstaande eens nazien, mijn programma's starten zeer traag op:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:07:29, on 6/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\PRISMSTA.EXE

C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe

C:\Program Files\Network Associates\VirusScan\Mcshield.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE

C:\Program Files\Launch Manager\Wbutton.exe

C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\CodeStuff\Starter\Starter.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\tom\LOCALS~1\Temp\Rar$EX00.125\HijackThis.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://pac.pandora.be:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O1 - Hosts: 216.40.230.4 desktop.kazaa.com

O1 - Hosts: 216.40.230.4 alpha.kazaa.com

O1 - Hosts: 216.40.230.4 shop.kazaa.com

O2 - BHO: HTML Source Editor - {0E1B2879-88FF-11D2-8D96-D7ACAC95951F} - C:\WINDOWS\system32\adjhdf.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: C:\WINDOWS\lbbho.dll - {616A4167-A009-466C-B193-4EB32861606E} - C:\WINDOWS\lbbho.dll

O2 - BHO: (no name) - {6281F9A5-72A6-0FE3-3019-7F65F2698D5D} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O3 - Toolbar: (no name) - {EFAF6EA3-615D-4F83-8748-2F7A576FCEA6} - (no file)

O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe

O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe

O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [OSD] C:\Program Files\Launch Manager\OSD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com

O16 - DPF: {134F7664-943D-3BB9-65F5-70B91DF46C86} - http://www.xxxcodec.com/xxxcodec-v3.508.exe

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab

O21 - SSODL: hydrodictyon - {b166be07-30a4-4d38-b781-44528a630706} - (no file)

O22 - SharedTaskScheduler: hydrodictyon - {b166be07-30a4-4d38-b781-44528a630706} - (no file)

O22 - SharedTaskScheduler: eaton - {d8b937a4-cdad-497b-a872-8da7c4c3ef6f} - (no file)

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

O23 - Service: XXXCodec Service (XXXCodec Acceleration Service) - Unknown owner - C:\Program Files\XXXCodec\casrv.exe (file missing)

--

End of file - 7934 bytes

Link naar reactie
Delen op andere sites

Download HostsXpert

Unzip het programma naar je Bureaublad.

Open de map en dubbelklik op Hoster.exe

Klik op "Restore Microsofts Original Hosts File"

Klik op "OK" en sluit het programma.

Je hebt HiJackThis in een tijdelijke map staan. Wil je dit programma eerst verplaatsen naar een eigen map bvb. C:\ProgramFiles\TrendMicro\HiJackThis\...

Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O1 - Hosts: 216.40.230.4 desktop.kazaa.com

O1 - Hosts: 216.40.230.4 alpha.kazaa.com

O1 - Hosts: 216.40.230.4 shop.kazaa.com

O2 - BHO: HTML Source Editor - {0E1B2879-88FF-11D2-8D96-D7ACAC95951F} - C:\WINDOWS\system32\adjhdf.dll

O2 - BHO: C:\WINDOWS\lbbho.dll - {616A4167-A009-466C-B193-4EB32861606E} - C:\WINDOWS\lbbho.dll

O2 - BHO: (no name) - {6281F9A5-72A6-0FE3-3019-7F65F2698D5D} - (no file)

O3 - Toolbar: (no name) - {EFAF6EA3-615D-4F83-8748-2F7A576FCEA6} - (no file)

O16 - DPF: {134F7664-943D-3BB9-65F5-70B91DF46C86} - http://www.xxxcodec.com/xxxcodec-v3.508.exe

O21 - SSODL: hydrodictyon - {b166be07-30a4-4d38-b781-44528a630706} - (no file)

O22 - SharedTaskScheduler: hydrodictyon - {b166be07-30a4-4d38-b781-44528a630706} - (no file)

O22 - SharedTaskScheduler: eaton - {d8b937a4-cdad-497b-a872-8da7c4c3ef6f} - (no file)

O23 - Service: XXXCodec Service (XXXCodec Acceleration Service) - Unknown owner - C:\Program Files\XXXCodec\casrv.exe (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Verwijder volgende vetgedrukte map met Windows Verkenner :

C:\Program Files\XXXCodec

Download MBAM (Malwarebytes' Anti-Malware).

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)

De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.

Daarna zal het vragen om de computeropnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

Link naar reactie
Delen op andere sites

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:58:15, on 6/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\Network Associates\VirusScan\Mcshield.exe

C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\PRISMSTA.EXE

C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE

C:\Program Files\Launch Manager\Wbutton.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\DOCUME~1\tom\LOCALS~1\Temp\Rar$EX00.594\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://pac.pandora.be:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe

O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe

O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [OSD] C:\Program Files\Launch Manager\OSD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

O23 - Service: XXXCodec Service (XXXCodec Acceleration Service) - Unknown owner - C:\Program Files\XXXCodec\casrv.exe (file missing)

--

End of file - 6804 bytes

Malwarebytes' Anti-Malware 1.31

Database versie: 1466

Windows 5.1.2600 Service Pack 3

6/12/2008 15:52:22

mbam-log-2008-12-06 (15-52-22).txt

Scan type: Snelle Scan

Objecten gescand: 48192

Verstreken tijd: 6 minute(s), 23 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 3

Registerwaarden geïnfecteerd: 8

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 6

Bestanden geïnfecteerd: 11

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f10587e9-0e47-4cbe-84ae-7dd20b8684bb} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{efaf6ea3-615d-4f83-8748-2f7a576fcea6} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e8249e69-a809-4544-832f-64eb65747a92} (Trojan.Zlob) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{efaf6ea3-615d-4f83-8748-2f7a576fcea6} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{10e42047-deb9-4535-a118-b3f6ec39b807} (Adware.ISTBar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\netsearchsoft.com (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\Home Page (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\SystemDoctor 2006 Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:

C:\Documents and Settings\LocalService\Application Data\WinAntiVirus Pro 2006\PGE.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\WinAntiVirus Pro 2006\Logs\update.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\WinAntiVirus Pro 2006\Logs\winav.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\Application Data\SystemDoctor 2006 Free\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\stera.job (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

C:\WINDOWS\tmlpcert2005 (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Documents and Settings\tom\FR_AlpineClassic.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\tom\install_flash_player.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\tom\settlers_catan.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\tom\Favorieten\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.

Link naar reactie
Delen op andere sites

Volgende stap dan :

Download Combofix naar je Bureaublad.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

  • Dubbelklik op Combofix.exe om het te starten.
    Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
    Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
    Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster.
    Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
    Klik na afloop terug op Ja om het scannen op malware te starten.
    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord.

Link naar reactie
Delen op andere sites

in stand by gaan en pc normaal afsluiten lukt ook niet, de opstartsnelheid van de programma's blijft hetzelfde.

ComboFix 08-12-06.06 - tom 07/12/2008 14:18:18.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.138 [GMT 1:00]

Gestart vanuit: c:\documents and settings\tom\Bureaublad\ComboFix.exe

* Nieuw herstelpunt werd aangemaakt

* Resident AV is active

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Common Files\companion wizard

c:\program files\Common Files\companion wizard\compwiz.exe

c:\program files\Common Files\companion wizard\WapCHK.dll

c:\windows\IE4 Error Log.txt

c:\windows\NDNuninstall4_85.exe

c:\windows\NDNuninstall5_48.exe

c:\windows\NDNuninstall5_64.exe

c:\windows\NDNuninstall6_10.exe

c:\windows\NDNuninstall6_22.exe

c:\windows\NDNuninstall6_30.exe

c:\windows\NDNuninstall6_38.exe

c:\windows\NDNuninstall6_98.exe

c:\windows\NDNuninstall7_14.exe

c:\windows\NDNuninstall7_22.exe

c:\windows\NDNuninstall7_48.exe

c:\windows\system32\stera.log

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_FOPN

-------\Legacy_VSPF

-------\Legacy_VSPF_HK

-------\Legacy_XXXCODEC_ACCELERATION_SERVICE

-------\Service_vspf

-------\Service_vspf_hk

-------\Service_XXXCodec Acceleration Service

(((((((((((((((((((( Bestanden Gemaakt van 2008-11-07 to 2008-12-07 ))))))))))))))))))))))))))))))

.

2008-12-06 15:43 . 2008-12-06 15:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-12-06 15:43 . 2008-12-06 15:43 <DIR> d-------- c:\documents and settings\tom\Application Data\Malwarebytes

2008-12-06 15:43 . 2008-12-06 15:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2008-12-06 15:43 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-06 15:43 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-12-03 20:00 . 2008-12-03 20:00 <DIR> d-------- c:\program files\CodeStuff

2008-11-28 14:50 . 2008-11-28 14:50 <DIR> d-------- c:\program files\ffdshow

2008-11-28 14:39 . 2008-12-06 19:20 <DIR> d-------- c:\program files\TacxFortius

2008-11-28 13:58 . 2008-11-28 13:58 <DIR> d-------- C:\tom

2008-11-26 18:58 . 2008-11-26 18:58 <DIR> d-------- c:\documents and settings\tom\Application Data\Uniblue

2008-11-26 18:34 . 2008-11-26 18:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles

2008-11-23 22:22 . 2006-03-09 17:59 180,224 --a------ c:\windows\system32\NVUNINST.EXE

2008-11-23 22:21 . 2006-03-09 15:29 573,440 --a------ c:\windows\system32\nvhwvid.dll

2008-11-23 22:21 . 2006-03-09 15:29 286,720 --a------ c:\windows\system32\nvnt4cpl.dll

2008-11-23 22:21 . 2006-03-09 15:29 229,376 --a------ c:\windows\system32\nvmccs.dll

2008-11-23 22:21 . 2006-03-09 15:29 98,304 --a------ c:\windows\system32\nvapi.dll

2008-11-23 22:21 . 2006-03-09 15:29 81,920 --a------ c:\windows\system32\nvwddi.dll

2008-11-23 22:21 . 2006-03-09 15:29 35,840 --a------ c:\windows\system32\nvcodins.dll

2008-11-23 22:21 . 2006-03-09 15:29 35,840 --a------ c:\windows\system32\nvcod.dll

2008-11-23 18:15 . 2008-11-23 18:15 <DIR> d-------- c:\windows\system32\XPSViewer

2008-11-23 18:15 . 2008-11-23 18:15 <DIR> d-------- c:\program files\Reference Assemblies

2008-11-23 18:15 . 2008-11-23 18:15 <DIR> d-------- c:\program files\MSBuild

2008-11-23 18:14 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll

2008-11-23 18:14 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll

2008-11-23 18:14 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2008-11-23 18:14 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll

2008-11-23 18:14 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll

2008-11-23 18:14 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll

2008-11-23 18:14 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2008-11-13 17:33 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-01 19:33 --------- d-----w c:\program files\FreeCommander

2008-11-28 13:41 --------- d--h--w c:\program files\InstallShield Installation Information

2008-11-28 13:07 --------- d---a-w c:\program files\Medion Power Cinema

2008-11-28 12:58 --------- d---a-w c:\program files\Common Files\Adobe

2008-10-27 21:53 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems

2008-10-27 21:52 --------- d-----w c:\program files\Common Files\Ulead Systems

2008-10-27 21:52 --------- d-----w c:\documents and settings\tom\Application Data\Ulead Systems

2008-10-27 21:48 --------- d-----w c:\documents and settings\tom\Application Data\LG Electronics

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-08-29 15:53 19,984 -c--a-w c:\documents and settings\tom\Application Data\mdbu.bin

2007-06-23 15:32 3,125,040 -c--a-w c:\documents and settings\tom\LimeWireWin.exe

2007-05-26 09:39 1,532,144 -c--a-w c:\documents and settings\tom\TelenetFotoUploader.exe

2005-08-21 17:40 59,304 -c--a-w c:\documents and settings\tom\Application Data\GDIPFONTCACHEV1.DAT

2003-08-12 18:28 40,960 -c--a-w c:\program files\Uninstall_PCM.exe

2005-03-01 15:21 417,792 -csh--r c:\windows\system32\w?nword.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PopUpStopperFreeEdition"="c:\progra~1\PANICW~1\POP-UP~1\PSFree.exe" [2003-04-29 524288]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2003-05-12 32768]

"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-05-08 20480]

"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2003-02-25 139347]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"Motive SmartBridge"="c:\progra~1\TELENE~1\SMARTB~1\MotiveSB.exe" [2004-04-07 385024]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"FinePrint Dispatcher v4"="c:\windows\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe" [2002-06-24 352256]

"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2003-06-30 40960]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-09 86016]

"OSD"="c:\program files\Launch Manager\OSD.exe" [2003-06-25 204800]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-04-05 98304]

"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-03-06 90182]

"VOBRegCheck"="c:\windows\System32\VOBREGCheck.exe" [2003-01-08 153088]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2003-06-18 61440]

"SoundMan"="SOUNDMAN.EXE" [2003-04-24 c:\windows\SOUNDMAN.EXE]

"PRISMSTA.EXE"="PRISMSTA.EXE" [2003-08-04 c:\windows\system32\PRISMSTA.exe]

"nwiz"="nwiz.exe" [2006-03-09 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= c:\progra~1\ffdshow\ffdshow.ax

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 Hotkey;Hotkey;c:\windows\system32\drivers\Hotkey.sys [2003-08-22 9867]

R1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys [2003-08-22 2920]

R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]

R3 PRISM_A00;PRISM 802.11g Driver;c:\windows\system32\DRIVERS\PRISMA00.sys [2004-02-27 364320]

S1 mailKmd;mailKmd; []

S3 aaudstum;aaudstum;\??\c:\docume~1\tom\LOCALS~1\Temp\aaudstum.sys []

S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824]

S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824]

.

Inhoud van de 'Gedeelde Taken' map

2008-12-07 c:\windows\Tasks\B9AC3D799C7BB785.job

- c:\docume~1\tom\applic~1\openbike\rdr less frag.exe []

.

- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe

.

------- Bijkomende Scan -------

.

uStart Page = about:blank

uInternet Settings,ProxyServer = hxxp://pac.pandora.be:8080

uInternet Settings,ProxyOverride = 127.0.0.1

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

FireFox -: Profile - c:\documents and settings\tom\Application Data\Mozilla\Firefox\Profiles\yd6qs2ci.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.rouesartisanales.com/

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-07 17:38:38

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CtrlVol = c:\program files\Launch Manager\CtrlVol.exe???????@??n?w???????????w???w?n?w???????? ???0V?w|??????w????0???????y??w?????????????3?????? ???????0???????I??s???s@????????????a?wx??sx???????B-?s???????????????s???s?????n?w????Y??sD???D??s??@??=@?P??????????

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\program files\Network Associates\Common Framework\FrameworkService.exe

c:\program files\Network Associates\VirusScan\Mcshield.exe

c:\program files\Network Associates\VirusScan\VsTskMgr.exe

c:\program files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE

c:\progra~1\NETWOR~1\COMMON~1\naPrdMgr.exe

.

**************************************************************************

.

Voltooingstijd: 2008-12-07 17:43:06 - machine werd herstart

ComboFix-quarantined-files.txt 2008-12-07 16:42:57

Pre-Run: 7.045.226.496 bytes beschikbaar

Post-Run: 7,044,726,784 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

185 --- E O F --- 2008-11-30 02:02:53

Link naar reactie
Delen op andere sites

In je HJT-log is deze lijn nog steeds aanwezig. Is dit een bewuste keuze omdat je Firefox gebruikt ? Zo niet, moet je deze nog fixen met HiJackThis.

Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

Klik op 'Fix checked' om de items te verwijderen.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\docume~1\tom\LOCALS~1\Temp\aaudstum.sys

c:\windows\Tasks\B9AC3D799C7BB785.job

c:\docume~1\tom\applic~1\openbike\rdr less frag.exe

Registry::

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]

CtrlVol =-

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Link naar reactie
Delen op andere sites

ik heb enkel IE nodig voor een programma van telenet(easy care)

ComboFix 08-12-07.01 - tom 2008-12-08 22:02:58.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.137 [GMT 1:00]

Gestart vanuit: c:\documents and settings\tom\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\tom\Bureaublad\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

* Resident AV is active

FILE ::

c:\docume~1\tom\applic~1\openbike\rdr less frag.exe

c:\docume~1\tom\LOCALS~1\Temp\aaudstum.sys

c:\windows\Tasks\B9AC3D799C7BB785.job

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\Tasks\B9AC3D799C7BB785.job

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-11-08 to 2008-12-08 ))))))))))))))))))))))))))))))

.

2008-12-06 15:43 . 2008-12-06 15:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-12-06 15:43 . 2008-12-06 15:43 <DIR> d-------- c:\documents and settings\tom\Application Data\Malwarebytes

2008-12-06 15:43 . 2008-12-06 15:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2008-12-06 15:43 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-06 15:43 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-12-03 20:00 . 2008-12-03 20:00 <DIR> d-------- c:\program files\CodeStuff

2008-11-28 14:50 . 2008-11-28 14:50 <DIR> d-------- c:\program files\ffdshow

2008-11-28 14:39 . 2008-12-06 19:20 <DIR> d-------- c:\program files\TacxFortius

2008-11-28 13:58 . 2008-11-28 13:58 <DIR> d-------- C:\tom

2008-11-26 18:58 . 2008-11-26 18:58 <DIR> d-------- c:\documents and settings\tom\Application Data\Uniblue

2008-11-26 18:34 . 2008-11-26 18:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles

2008-11-23 22:22 . 2006-03-09 17:59 180,224 --a------ c:\windows\system32\NVUNINST.EXE

2008-11-23 22:21 . 2006-03-09 15:29 573,440 --a------ c:\windows\system32\nvhwvid.dll

2008-11-23 22:21 . 2006-03-09 15:29 286,720 --a------ c:\windows\system32\nvnt4cpl.dll

2008-11-23 22:21 . 2006-03-09 15:29 229,376 --a------ c:\windows\system32\nvmccs.dll

2008-11-23 22:21 . 2006-03-09 15:29 98,304 --a------ c:\windows\system32\nvapi.dll

2008-11-23 22:21 . 2006-03-09 15:29 81,920 --a------ c:\windows\system32\nvwddi.dll

2008-11-23 22:21 . 2006-03-09 15:29 35,840 --a------ c:\windows\system32\nvcodins.dll

2008-11-23 22:21 . 2006-03-09 15:29 35,840 --a------ c:\windows\system32\nvcod.dll

2008-11-23 18:15 . 2008-11-23 18:15 <DIR> d-------- c:\windows\system32\XPSViewer

2008-11-23 18:15 . 2008-11-23 18:15 <DIR> d-------- c:\program files\Reference Assemblies

2008-11-23 18:15 . 2008-11-23 18:15 <DIR> d-------- c:\program files\MSBuild

2008-11-23 18:14 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll

2008-11-23 18:14 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll

2008-11-23 18:14 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2008-11-23 18:14 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll

2008-11-23 18:14 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll

2008-11-23 18:14 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll

2008-11-23 18:14 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2008-11-13 17:33 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-01 19:33 --------- d-----w c:\program files\FreeCommander

2008-11-28 13:41 --------- d--h--w c:\program files\InstallShield Installation Information

2008-11-28 13:07 --------- d---a-w c:\program files\Medion Power Cinema

2008-11-28 12:58 --------- d---a-w c:\program files\Common Files\Adobe

2008-10-27 21:53 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems

2008-10-27 21:52 --------- d-----w c:\program files\Common Files\Ulead Systems

2008-10-27 21:52 --------- d-----w c:\documents and settings\tom\Application Data\Ulead Systems

2008-10-27 21:48 --------- d-----w c:\documents and settings\tom\Application Data\LG Electronics

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

2008-09-15 15:28 1,846,528 ----a-w c:\windows\system32\win32k.sys

2008-09-10 01:16 1,307,648 ------w c:\windows\system32\msxml6.dll

2008-08-29 15:53 19,984 -c--a-w c:\documents and settings\tom\Application Data\mdbu.bin

2007-06-23 15:32 3,125,040 -c--a-w c:\documents and settings\tom\LimeWireWin.exe

2007-05-26 09:39 1,532,144 -c--a-w c:\documents and settings\tom\TelenetFotoUploader.exe

2005-08-21 17:40 59,304 -c--a-w c:\documents and settings\tom\Application Data\GDIPFONTCACHEV1.DAT

2003-08-12 18:28 40,960 -c--a-w c:\program files\Uninstall_PCM.exe

2005-03-01 15:21 417,792 -csh--r c:\windows\system32\w?nword.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PopUpStopperFreeEdition"="c:\progra~1\PANICW~1\POP-UP~1\PSFree.exe" [2003-04-29 524288]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2003-05-12 32768]

"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-05-08 20480]

"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2003-02-25 139347]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"Motive SmartBridge"="c:\progra~1\TELENE~1\SMARTB~1\MotiveSB.exe" [2004-04-07 385024]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"FinePrint Dispatcher v4"="c:\windows\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe" [2002-06-24 352256]

"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2003-06-30 40960]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-09 86016]

"OSD"="c:\program files\Launch Manager\OSD.exe" [2003-06-25 204800]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-04-05 98304]

"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-03-06 90182]

"VOBRegCheck"="c:\windows\System32\VOBREGCheck.exe" [2003-01-08 153088]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2003-06-18 61440]

"SoundMan"="SOUNDMAN.EXE" [2003-04-24 c:\windows\SOUNDMAN.EXE]

"PRISMSTA.EXE"="PRISMSTA.EXE" [2003-08-04 c:\windows\system32\PRISMSTA.exe]

"nwiz"="nwiz.exe" [2006-03-09 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= c:\progra~1\ffdshow\ffdshow.ax

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 Hotkey;Hotkey;c:\windows\system32\drivers\Hotkey.sys [2003-08-22 9867]

R1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys [2003-08-22 2920]

R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]

R3 PRISM_A00;PRISM 802.11g Driver;c:\windows\system32\DRIVERS\PRISMA00.sys [2004-02-27 364320]

S1 mailKmd;mailKmd; []

S3 aaudstum;aaudstum;\??\c:\docume~1\tom\LOCALS~1\Temp\aaudstum.sys []

S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824]

S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824]

*Newly Created Service* - CATCHME

.

Inhoud van de 'Gedeelde Taken' map

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyServer = hxxp://pac.pandora.be:8080

uInternet Settings,ProxyOverride = 127.0.0.1

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

FireFox -: Profile - c:\documents and settings\tom\Application Data\Mozilla\Firefox\Profiles\yd6qs2ci.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.rouesartisanales.com/

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-08 22:05:03

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CtrlVol = c:\program files\Launch Manager\CtrlVol.exe???????@??n?w???????????w???w?n?w???????? ???0V?w|??????w????0???????y??w?????????????3?????? ???????0???????I??s???s@????????????a?wx??sx???????B-?s???????????????s???s?????n?w????Y??sD???D??s??@??=@?P??????????

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2008-12-08 22:06:40

ComboFix-quarantined-files.txt 2008-12-08 21:06:07

ComboFix2.txt 2008-12-07 16:43:10

Pre-Run: 7.033.159.680 bytes beschikbaar

Post-Run: 7,021,346,816 bytes beschikbaar

156 --- E O F --- 2008-11-30 02:02:53

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:12:40, on 8/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\Network Associates\VirusScan\Mcshield.exe

C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\PRISMSTA.EXE

C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE

C:\Program Files\Launch Manager\Wbutton.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\tom\LOCALS~1\Temp\Rar$EX00.390\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://pac.pandora.be:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe

O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [FinePrint Dispatcher v4] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe

O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [OSD] C:\Program Files\Launch Manager\OSD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

--

End of file - 6420 bytes

Link naar reactie
Delen op andere sites

Je mag deze vetgedrukte bestanden nog verwijderen met Windows Verkenner :

c:\documentsandsettings\tom\LOCALSETTINGS\Temp\aaudstum.sys

c:\documentsandsettings\tom\applicationdata\openbike\rdr less frag.exe

En dan je JAVA nog updaten :

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Download Java Runtime Environment (JRE) 6u11 naar je Bureaublad

Sluit alle programma's die eventueel open zijn - Zeker je web browser!

  • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
  • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  • Herhaal dit tot alle oudere versies verdwenen zijn.
  • Na het verwijderen van alle oudere versies, herstart je pc.
  • Dubbelklik vervolgens op jre-6u11-windows-i586-p.s.exe op je Bureaublad om de nieuwste versie van Java te installeren.

En laat dan eens weten of er nu verbetering merkbaar is ?

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.