Check alle échte Black Friday-deals Ook zo moe van nepaanbiedingen? Wij laten alleen échte deals zien
Toon posts:

[pop-ups] ads1.revenue.net

Pagina: 1
Acties:

woensdag 8 juni 2005 18:20

Acties:
  • _kilian_
  • Registratie: December 2004
  • Laatst online: 10:09

_kilian_

Topicstarter
Beste tweakers,

Ik heb nu al meer dan een dag last van een hardnekkige vorm van popups. De tijdsduur tussen de popups verschilt. Ze verwijzen op het moment allemaal naar ads1.revenue.net en gisteren was dat iets anders. Gisteren verschenen er lings naar het installeren van software voor derbiz.com, maar nu is het weer iets anders en wordt er op de desktop een link naar temp532.exe geplaatst. Ik heb al meerdere scans met geupdate Spybot S&D en Ad-Aware 1.6 gedaan. Ook heb ik een volledige virusscan gedaan met Norton Antivirus 2004. Daarmee heb ik alles verwijderd, maar het mocht niet baten.

Ik heb 2 mega grote hijackthis logs eentje in veilige modus en eentje als ik gewoon bij mijn gebruiker ben aangemeld. Ze zijn zo groot dat ik echt niet weet waar de fout kan liggen. Ik heb ook nog hier op het forum en op internet gezocht, maar ik kon niet echt iets vinden waar ik iets aan had.

Jullie hulp zou erg welkom zijn ;)

Hier de logs

Veilige Modus
code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162

Logfile of HijackThis v1.99.1
Scan saved at 18:01:24, on 8-6-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kilian/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [MessengerPlus3] "G:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] G:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] G:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "G:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [checkrun] G:\windows\system32\elitefbu32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = G:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MaxMice Control.lnk = G:\Program Files\Maxxtro\MaxMice\MaxMice.exe
O4 - Global Startup: Monitor Apache Servers.lnk = G:\Program Files\Servers\Webserver\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: SATARaid.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\WINDOWS\System32\msjava.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10406.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {430DDE24-C051-11CF-95BE-0020AFF75E4F} (ichat xchat Control) - http://tank.wizards.com/chat/data/html/user/msie/msichat.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f007.mail.lycos.nl/app/uploader/FileUploader.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game13.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Apache2 - Unknown owner - G:\Program Files\Servers\Webserver\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: gearsec - GEAR Software - G:\WINDOWS\system32\gearsec.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - G:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - G:/Program Files/Servers/Webserver/MYSQL/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


Normaal
code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207

Logfile of HijackThis v1.99.1
Scan saved at 17:45:00, on 8-6-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\sstray.exe
G:\Program Files\Messenger Plus! 3\MsgPlus.exe
G:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\Program Files\Logitech\iTouch\iTouch.exe
G:\Program Files\Common Files\Real\Update_OB\realsched.exe
G:\Program Files\QuickTime\qttask.exe
G:\WINDOWS\system32\devldr32.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\MSN Messenger\msnmsgr.exe
G:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
G:\Program Files\Maxxtro\MaxMice\MaxMice.exe
G:\Program Files\Servers\Webserver\Apache2\bin\ApacheMonitor.exe
G:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
G:\Program Files\Servers\Ftpserver\FTPServer.exe
G:\Program Files\Servers\Webserver\MYSQL\bin\winmysqladmin.exe
G:\Program Files\Servers\Webserver\Apache2\bin\Apache.exe
G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
G:\WINDOWS\System32\CTsvcCDA.EXE
G:\WINDOWS\system32\gearsec.exe
G:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
G:\Program Files\Servers\Webserver\MYSQL\bin\mysqld-nt.exe
G:\Program Files\Servers\Webserver\Apache2\bin\Apache.exe
G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
G:\WINDOWS\System32\MsPMSPSv.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\Servers\Dnsserver\DynDNS.exe
G:\Program Files\Mozilla Firefox\firefox.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [MessengerPlus3] "G:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] G:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKLM\..\Run: [Advanced Tools Check] G:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "G:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [checkrun] G:\windows\system32\elitefbu32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [lycosInside] G:\Program Files\lycos\Lyc_SysTray.exe
O4 - HKCU\..\Run: [DynDNS Updater] "G:\Program Files\DynDNS Updater\DynDNS.exe"
O4 - HKCU\..\Run: [msnmsgr] "G:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Quick'n Easy FTP Server.lnk = G:\Program Files\Servers\Ftpserver\FTPServer.exe
O4 - Startup: WinMySQLadmin.lnk = G:\Program Files\Servers\Webserver\MYSQL\bin\winmysqladmin.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = G:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: MaxMice Control.lnk = G:\Program Files\Maxxtro\MaxMice\MaxMice.exe
O4 - Global Startup: Monitor Apache Servers.lnk = G:\Program Files\Servers\Webserver\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: SATARaid.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\WINDOWS\System32\msjava.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10406.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {430DDE24-C051-11CF-95BE-0020AFF75E4F} (ichat xchat Control) - http://tank.wizards.com/chat/data/html/user/msie/msichat.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f007.mail.lycos.nl/app/uploader/FileUploader.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game13.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: bw+0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {ADC35012-4D31-47A9-9693-9CFCACF620AD} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Apache2 - Unknown owner - G:\Program Files\Servers\Webserver\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: gearsec - GEAR Software - G:\WINDOWS\system32\gearsec.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - G:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - G:/Program Files/Servers/Webserver/MYSQL/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - G:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - G:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - G:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

woensdag 8 juni 2005 19:12

Acties:

Verwijderd

scan deze file G:\windows\system32\elitefbu32.exe eens bij www.virustotal.com ik denk dat dit een nieuwe variant is van de bekende elite toolbar.

woensdag 8 juni 2005 19:54

Acties:
  • _kilian_
  • Registratie: December 2004
  • Laatst online: 10:09

_kilian_

Topicstarter
echt je bent mijn held... Inderdaad zat in dat bestand een trojan verwerkt. Op de site die je gaf kwamen de volgende resultaten

This is a report processed by VirusTotal on 06/08/2005 at 19:48:41 (CET) after scanning the file "elitefbu32.exe" file.

Antivirus Version Update Result
AntiVir 6.31.0.5 06.08.2005 TR/StartPage.nk.8.A
AVG 718 06.08.2005 no virus found
Avira 6.31.0.5 06.08.2005 TR/StartPage.nk.8.A
BitDefender 7.0 06.08.2005 Trojan.Startpage.NK
ClamAV devel-20050501 06.08.2005 Trojan.Startpage-289
DrWeb 4.32b 06.08.2005 Trojan.StartPage.564
eTrust-Iris 7.1.194.0 06.07.2005 Win32/StartPage.NK!Trojan
eTrust-Vet 11.9.1.0 06.08.2005 Win32.Startpage.QQ
Fortinet 2.27.0.0 06.08.2005 W32/StartPage.FK-tr
Ikarus 2.32 06.08.2005 Trojan.Win32.StartPage.NK
Kaspersky 4.0.2.24 06.08.2005 Trojan.Win32.StartPage.nk
McAfee 4509 06.08.2005 Generic StartPage.c
NOD32v2 1.1133 06.08.2005 Win32/StartPage.NK
Norman 5.70.10 06.07.2005 W32/Startpage.BBG
Panda 8.02.00 06.08.2005 Adware/EliteBar
Sybari 7.5.1314 06.08.2005 Trojan.Win32.StartPage.nk
Symantec 8.0 06.07.2005 no virus found
TheHacker 5.8-3.0 06.08.2005 Trojan/StartPage.nk
VBA32 3.10.3 06.08.2005 Trojan.Win32.StartPage.nk

en er was nog een bestand dat ik niet vertrouwde en maar meteen heb laten scannen en dat gaf de volgende resultaten.

This is a report processed by VirusTotal on 06/08/2005 at 19:49:31 (CET) after scanning the file "elitegau32.exe" file.

Antivirus Version Update Result
AntiVir 6.31.0.5 06.08.2005 TR/StartPage.nk.8.A
AVG 718 06.08.2005 no virus found
Avira 6.31.0.5 06.08.2005 TR/StartPage.nk.8.A
BitDefender 7.0 06.08.2005 Trojan.Startpage.NK
ClamAV devel-20050501 06.08.2005 Trojan.Startpage-289
DrWeb 4.32b 06.08.2005 Trojan.StartPage.564
eTrust-Iris 7.1.194.0 06.07.2005 Win32/StartPage.NK!Trojan
eTrust-Vet 11.9.1.0 06.08.2005 Win32.Startpage.QQ
Fortinet 2.27.0.0 06.08.2005 W32/StartPage.FK-tr
Ikarus 2.32 06.08.2005 Trojan.Win32.StartPage.NK
Kaspersky 4.0.2.24 06.08.2005 Trojan.Win32.StartPage.nk
McAfee 4509 06.08.2005 Generic StartPage.c
NOD32v2 1.1133 06.08.2005 Win32/StartPage.NK
Norman 5.70.10 06.07.2005 W32/Startpage.BBG
Panda 8.02.00 06.08.2005 Adware/EliteBar
Sybari 7.5.1314 06.08.2005 Trojan.Win32.StartPage.nk
Symantec 8.0 06.07.2005 no virus found
TheHacker 5.8-3.0 06.08.2005 Trojan/StartPage.nk
VBA32 3.10.3 06.08.2005 Trojan.Win32.StartPage.nk

Ik heb beide bestanden verwijderd en Hijackthis de verwijzingen laten verwijderen. Zoals je zie wordt het door Panda inderdaad als een variant van de Elitebar beschouwd.

Ik hoop dat het nu weg blijft. Ook na een herstart ;) maar in ieder gevaal heel erg bedankt.

P.S. wel raar trouwens dat Norton hem er niet uit haalt en de rest wel :s

woensdag 8 juni 2005 20:38

Acties:
  • ParaNoiMia
  • Registratie: Mei 2000
  • Laatst online: 27-11 12:15

ParaNoiMia

_kilian_ schreef op woensdag 08 juni 2005 @ 19:54:

P.S. wel raar trouwens dat Norton hem er niet uit haalt en de rest wel :s
Dat is niet zo raar, Norton is op het ogenblik niet echt een topscanner (om het maar voorzichtig uit te drukken ;) )

woensdag 8 juni 2005 20:53

Acties:
  • _kilian_
  • Registratie: December 2004
  • Laatst online: 10:09

_kilian_

Topicstarter
nou tis nog steeds weg... Dus heel erg bedankt voor de hulp :).. en dat het geen topscanner is.. tja.. tis makkelijk ;).. zal binnenkort wel eens naar andere gaan kijken.. heb toch vakantie :D

woensdag 8 juni 2005 20:59

Acties:

Verwijderd

een mooie aanvulling op norton is ewido www.ewido.net maar deze niet resident draaien.

donderdag 9 juni 2005 16:11

Acties:
  • chrisborst
  • Registratie: April 2004
  • Laatst online: 13:36

chrisborst

Ik heb het zelfde probleem. Steeds om de minuut een popup na een install van een progje. Computer gescant met Norton pro 2005 en met Ad-aware SE pro. Wat zooi verwijderd maar niks hielp. Toen Ad-watch aangezet en die hield de pop tegen. in de log file stond dat hij een tracking cookie blokeerde. cookie was ook van revenue.net. Toen het bestand elitejng32.exe opgespoort en verwijderd. sinds dien probeert "iets" die file weer terug te zetten. wordt door adwatch nu geblokkeerd .Hier onder staat de logfile van adwatch. Als het nodig is kan ik ook de logfile van hijthis posten. Wat kan ik aan die probleem doen??


code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

Ad-Watch Logfile, exported on 9-6-2005
Total number of events:329
===============================================
9-6-2005 15:13:36 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:13:46 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:13:56 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:14:01 - Popup blocked (Microsoft Internet Explorer)
Browser event
Parentprocess:
"Microsoft Internet Explorer"
Handle:113901568
Classname:IEFrame

9-6-2005 15:14:01: Popup blocked "Microsoft Internet Explorer"

===============================================
9-6-2005 15:14:06 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:14:16 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:14:26 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:14:36 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:14:46 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================
9-6-2005 15:14:47 - Registry modification detected
Root:HKEY_CURRENT_USER
Key:Software\Microsoft\Internet Explorer\Main
Value:Search Page
Data:http://ie.search.msn.com
New Data:



===============================================
9-6-2005 15:14:47 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Internet Explorer\Main
Value:Search Page
Data:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
New Data:



===============================================
9-6-2005 15:14:47 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Internet Explorer\Main
Value:Start Page
Data:http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
New Data:about:blank



===============================================
9-6-2005 15:14:56 - Registry modification detected
Root:HKEY_LOCAL_MACHINE
Key:Software\Microsoft\Windows\CurrentVersion\Run
Value:checkrun
Data:
New Data:C:\windows\system32\elitejng32.exe



===============================================

[ Voor 87% gewijzigd door chrisborst op 09-06-2005 16:44 ]

donderdag 9 juni 2005 16:17

Acties:
  • dailyleaf
  • Registratie: December 2004
  • Laatst online: 02-10 08:48

dailyleaf

...

grapjas, met 1200 dezelfde (of irrelevfante) lijntjes code worden we niet blij. Zou je die even weg willen halen svp, topic ziet er namelijk niet meer uit

Ik zou graag willen dat je eens hitmanpro en een goede virusscanner beide in veilige modus erover gooit.

Eenmaal gestartte processen (normale modus) kunnen niet verwijderd worden en blijven daarom terugkomen.
In veilige modus worden ze niet gestart en kunnen ze dus verwijderd worden.

[ Voor 13% gewijzigd door dailyleaf op 09-06-2005 16:18 ]

Mijn post is interessanter dan mijn Sig..

Pagina: 1
Reageer

Apple iPhone 17 LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2025 Hosting door TrueFullstaq