
Suspected virus on PC


I am currently letting Combofix do its work, but in safe mode I cannot disable my GData firewall and A.V. I will keep you posted once I can get the logfile.

---------- Post added at 12:46 ---------- Previous post was at 12:42 ----------

I see that I am now getting an error message saying that an error has occurred in PEV.exe and it must be closed, during the combofix scan on my other PC. I chose "debug" and now it apparently continues scanning.

---------- Post added at 12:54 ---------- Previous post was at 12:46 ----------

ComboFix 12-01-06.03 - Chris 07/01/2012 12:42:51.2.1 - x86 NETWORK

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.781 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Chris\Bureaublad\ComboFix.exe

AV: G Data TotalCare 2012 *Enabled/Outdated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}

FW: F-Secure Client Security 9.00 *Enabled* {D4747503-0346-49EB-9262-997542F79BF4}

FW: G Data Personal Firewall *Enabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}

.

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

ADS - WINDOWS: deleted 0 bytes in 1 streams.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\ReadMe.txt

.

---- Voorgaande Run -------

.

C:\~WRD0000.tmp

C:\~WRD0002.tmp

C:\~WRD0003.tmp

C:\~WRD0004.tmp

C:\DFR9E.tmp

c:\documents and settings\Chris\Application Data\PriceGong\Data\1.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\a.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\b.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\c.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\d.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\e.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\f.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\g.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\h.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\i.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\J.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\k.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\l.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\m.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\n.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\o.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\p.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\q.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\r.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\s.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\t.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\u.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\v.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\w.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\x.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\y.xml

c:\documents and settings\Chris\Application Data\PriceGong\Data\z.xml

c:\windows\IsUn0413.exe

c:\windows\system32\SET132.tmp

c:\windows\system32\SET137.tmp

c:\windows\system32\SET187.tmp

c:\windows\system32\SET7DB.tmp

.

Besmet exemplaar van c:\windows\system32\drivers\volsnap.sys werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - Kitty had a snack :P

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_USNJSVC

-------\Service_usnjsvc

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-07 to 2012-01-07 ))))))))))))))))))))))))))))))

.

.

2012-01-06 20:09 . 2012-01-06 20:39 -------- d-sh--w- c:\documents and settings\Chris\Onlangs geopend

2012-01-06 10:33 . 2012-01-06 10:33 -------- d-----w- c:\program files\ESET

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-10 14:24 . 2011-09-13 06:59 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-23 14:40 . 2004-08-04 12:00 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-18 07:38 . 2011-07-26 05:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-15 07:57 . 2010-11-08 12:44 40568 ----a-w- c:\windows\system32\drivers\HookCentre.sys

2011-11-15 07:57 . 2010-11-08 12:43 79992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys

2011-11-15 07:57 . 2010-11-08 12:43 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys

2011-11-04 19:13 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-04 19:13 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:25 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec

2011-11-01 16:07 . 2004-08-04 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:32 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:50 . 2004-08-04 12:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:50 . 2004-08-04 00:58 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-25 06:40 . 2010-11-08 12:54 69112 ----a-w- c:\windows\system32\drivers\GRD.sys

2011-10-25 06:30 . 2010-11-08 12:44 30200 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys

2011-10-25 06:30 . 2010-11-08 12:44 52216 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys

2011-10-18 11:13 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll

2011-10-10 14:22 . 2007-02-04 11:47 692736 ----a-w- c:\windows\system32\inetcomm.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-25 94208]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-03 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]

"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 16208384]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-09 7311360]

"nwiz"="nwiz.exe" [2005-12-09 1519616]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-09 86016]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2005-09-25 155648]

"G Data AntiVirus Tray Application"="c:\program files\G Data\TotalCare\AVKTray\AVKTray.exe" [2011-09-22 1012232]

"GDFirewallTray"="c:\program files\G Data\TotalCare\Firewall\GDFirewallTray.exe" [2011-11-08 1616904]

"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-12-14 1398440]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\Chris\Menu Start\Programma's\Opstarten\

Mediacontrole Cyber-shot Viewer.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-3-3 155648]

Stardock ObjectDock.lnk - c:\windows\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe [2005-2-21 1826885]

Y'z ToolBar.lnk - c:\windows\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe [2002-9-29 90112]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-2-4 237568]

Ulead Photo Express 3.0 SE Calendar Checker.lnk - c:\program files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe [2007-11-8 61440]

Watch.lnk - c:\program files\Mustek 1200 UB PLUS\Driver\WATCH.exe [2007-11-8 364544]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-05 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 17:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2007-01-19 11:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

.

R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [8/11/2010 13:43 40440]

R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [8/11/2010 13:44 30200]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [4/05/2011 18:54 116608]

S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [8/11/2010 13:43 79992]

S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [8/11/2010 13:54 69112]

S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [8/11/2010 13:44 40568]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17/02/2010 19:25 12880]

S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [10/05/2010 19:41 67664]

S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [17/05/2010 16:03 1501192]

S2 AVKService;G Data Scheduler;c:\program files\G Data\TotalCare\AVK\AVKService.exe [4/05/2010 17:06 464392]

S2 AVKWCtl;G Data Bestandssysteembewaker;c:\program files\G Data\TotalCare\AVK\AVKWCtl.exe [15/03/2010 11:24 1554184]

S2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [8/11/2010 13:44 52216]

S2 gupdate1ca2cdb6cbbcd2c;Google Updateservice (gupdate1ca2cdb6cbbcd2c);c:\program files\Google\Update\GoogleUpdate.exe [3/09/2009 22:13 133104]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21/05/2011 8:30 652872]

S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [15/09/2009 10:20 188736]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24/08/2010 10:38 92008]

S3 GDBackupSvc;G Data Backup Service;c:\program files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [5/05/2010 8:26 1498616]

S3 GDFwSvc;G Data Persoonlijke Firewall;c:\program files\G Data\TotalCare\Firewall\GDFwSvc.exe [16/04/2010 5:08 1613424]

S3 GDScan;G Data Scanner;c:\program files\Common Files\G DATA\GDScan\GDScan.exe [22/04/2010 13:59 459784]

S3 GDTunerSvc;G Data Tuner Service;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [8/03/2010 2:17 960504]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/09/2009 22:13 133104]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13/09/2011 7:59 20464]

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2011-12-29 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-18 15:49]

.

2012-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-03 21:13]

.

2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-03 21:13]

.

2011-12-27 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-01-06 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-01-06 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

- c:\program files\Ask.com\UpdateTask.exe [2011-12-14 14:51]

.

2012-01-06 c:\windows\Tasks\User_Feed_Synchronization-{C9C80409-5040-4A13-9CBA-BB984394011D}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

.

- - - - ORPHANS VERWIJDERD - - - -

.

URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll

Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll

WebBrowser-{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll

HKCU-Run-Performance Center - c:\program files\Ascentive\Performance Center\APCMain.exe

HKCU-Run-SpeedUpMyPC - c:\progra~1\Uniblue\SPEEDU~1\launcher.exe

HKLM-Run-Gtwatch - c:\windows\gtwatch.exe

AddRemove-Mustek 1200 UB PLUS v1.2 - c:\windows\TWAIN_32\S6U12BX\UNINST.EXE

AddRemove-Ulead Photo Express 3.0 SE - c:\windows\IsUn0413.exe

AddRemove-{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 - c:\program files\Uniblue\SpeedUpMyPC\unins000.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-07 12:48

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(576)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

Voltooingstijd: 2012-01-07 12:49:53

ComboFix-quarantined-files.txt 2012-01-07 11:49

.

Pre-Run: 14.669.627.392 bytes beschikbaar

Post-Run: 14.622.019.584 bytes beschikbaar

.

- - End Of File - - E739029CE833BAD36C313C2E903B1BDA


Open a new Notepad file.

Copy and paste the bold text below into it.

File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

Folder::
c:\program files\Ask.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-

Save this file on your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe.

This will make ComboFix restart. Reboot if you are asked to.

After the reboot, post the contents of Combofix.txt in your next message together with a new HijackThis log.
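As an added example (not code from this thread, from the helper, or from ComboFix's authors), the following Python script parses the Run-key and scheduled-task sections of a ComboFix log in the layout shown above and generates the kind of CFScript the helper wrote, flagging every autostart entry whose target lives under a given directory. The log excerpt is constructed, and the Registry:: directive is the CFScript section used for registry value removal.

```python
import re

# Constructed excerpt (not from the thread) in the layout ComboFix uses for its
# "Reg Opstartpunten" (registry start points) and "Gedeelde Taken" (scheduled
# tasks) sections; the Ask.com entries mirror the ones the helper targeted.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-12-14 1398440]
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-03 21:13]
.
2012-01-06 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-12-14 14:51]
"""

# Line shapes seen in the log: a registry key header, a "name"="path" [date size]
# value line, a dated .job line, and the "- target [date time]" line that follows it.
KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)"="([^"]*)"\s*\[')
TASK_RE = re.compile(r'^\d{4}-\d{2}-\d{2}\s+(c:\\windows\\tasks\\.+\.job)$', re.IGNORECASE)
TARGET_RE = re.compile(r'^-\s+(.+?)\s+\[')


def parse_combofix_log(text):
    """Return Run-key values and scheduled tasks found in a ComboFix log.

    run_entries: list of (registry_key, value_name, target_path)
    tasks:       list of (job_path, target_path)
    """
    run_entries, tasks = [], []
    current_key, pending_job = None, None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current_key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if m and current_key and current_key.lower().endswith(r'\run'):
            run_entries.append((current_key, m.group(1), m.group(2)))
            continue
        m = TASK_RE.match(line)
        if m:
            pending_job = m.group(1)
            continue
        m = TARGET_RE.match(line)
        if m and pending_job:
            tasks.append((pending_job, m.group(1)))
            pending_job = None
    return {"run_entries": run_entries, "tasks": tasks}


def is_under(path, directory):
    """Case-insensitive check that a Windows path lies inside directory."""
    prefix = directory.lower().rstrip("\\") + "\\"
    return path.lower().startswith(prefix)


def build_cfscript(parsed, suspect_dir):
    """Build a CFScript removing every autostart entry rooted in suspect_dir.

    File::     the .job files whose target lives in suspect_dir
    Folder::   the directory itself
    Registry:: the Run values pointing into it ("name"=- deletes a value)
    """
    jobs = [job for job, target in parsed["tasks"] if is_under(target, suspect_dir)]
    values = [(key, name) for key, name, target in parsed["run_entries"]
              if is_under(target, suspect_dir)]
    lines = []
    if jobs:
        lines.append("File::")
        lines.extend(jobs)
        lines.append("")
    lines.append("Folder::")
    lines.append(suspect_dir)
    if values:
        lines.append("")
        lines.append("Registry::")
        last_key = None
        for key, name in values:
            if key != last_key:
                lines.append(f"[{key}]")
                last_key = key
            lines.append(f'"{name}"=-')
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_cfscript(parse_combofix_log(SAMPLE_LOG), r"c:\program files\Ask.com"))
```

Review the generated script against the log before using it: the directory filter is deliberately narrow, so anything the scan flagged outside that directory still needs a manual decision.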


ComboFix 12-01-06.03 - Chris 08/01/2012 18:53:55.3.1 - x86 NETWORK

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.780 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Chris\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Chris\Bureaublad\CFScript.txt

AV: G Data TotalCare 2012 *Enabled/Outdated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}

FW: F-Secure Client Security 9.00 *Enabled* {D4747503-0346-49EB-9262-997542F79BF4}

FW: G Data Personal Firewall *Enabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}

.

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

FILE ::

"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Ask.com

c:\program files\Ask.com\assets\oobe\b.png

c:\program files\Ask.com\assets\oobe\bl.png

c:\program files\Ask.com\assets\oobe\br.png

c:\program files\Ask.com\assets\oobe\l.png

c:\program files\Ask.com\assets\oobe\pointer.png

c:\program files\Ask.com\assets\oobe\r.png

c:\program files\Ask.com\assets\oobe\t.png

c:\program files\Ask.com\assets\oobe\tl.png

c:\program files\Ask.com\assets\oobe\tr.png

c:\program files\Ask.com\cobrand.ico

c:\program files\Ask.com\config.xml

c:\program files\Ask.com\favicon.ico

c:\program files\Ask.com\mupcfg.xml

c:\program files\Ask.com\precache.exe

c:\program files\Ask.com\SaUpdate.exe

c:\program files\Ask.com\Updater\config.xml

c:\program files\Ask.com\Updater\Updater.exe

c:\program files\Ask.com\UpdateTask.exe

c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-08 to 2012-01-08 ))))))))))))))))))))))))))))))

.

.

2012-01-06 20:09 . 2012-01-07 12:06 -------- d-sh--w- c:\documents and settings\Chris\Onlangs geopend

2012-01-06 10:33 . 2012-01-06 10:33 -------- d-----w- c:\program files\ESET

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-10 14:24 . 2011-09-13 06:59 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-23 14:40 . 2004-08-04 12:00 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-18 07:38 . 2011-07-26 05:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-15 07:57 . 2010-11-08 12:44 40568 ----a-w- c:\windows\system32\drivers\HookCentre.sys

2011-11-15 07:57 . 2010-11-08 12:43 79992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys

2011-11-15 07:57 . 2010-11-08 12:43 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys

2011-11-04 19:13 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-04 19:13 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:25 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec

2011-11-01 16:07 . 2004-08-04 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:32 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:50 . 2004-08-04 12:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:50 . 2004-08-04 00:58 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-25 06:40 . 2010-11-08 12:54 69112 ----a-w- c:\windows\system32\drivers\GRD.sys

2011-10-25 06:30 . 2010-11-08 12:44 30200 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys

2011-10-25 06:30 . 2010-11-08 12:44 52216 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys

2011-10-18 11:13 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-25 94208]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-03 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]

"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 16208384]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-09 7311360]

"nwiz"="nwiz.exe" [2005-12-09 1519616]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-09 86016]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2005-09-25 155648]

"G Data AntiVirus Tray Application"="c:\program files\G Data\TotalCare\AVKTray\AVKTray.exe" [2011-09-22 1012232]

"GDFirewallTray"="c:\program files\G Data\TotalCare\Firewall\GDFirewallTray.exe" [2011-11-08 1616904]

"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\Chris\Menu Start\Programma's\Opstarten\

Mediacontrole Cyber-shot Viewer.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-3-3 155648]

Stardock ObjectDock.lnk - c:\windows\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe [2005-2-21 1826885]

Y'z ToolBar.lnk - c:\windows\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe [2002-9-29 90112]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-2-4 237568]

Ulead Photo Express 3.0 SE Calendar Checker.lnk - c:\program files\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe [2007-11-8 61440]

Watch.lnk - c:\program files\Mustek 1200 UB PLUS\Driver\WATCH.exe [2007-11-8 364544]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-05 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 17:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2007-01-19 11:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

.

R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [8/11/2010 13:43 40440]

R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [8/11/2010 13:44 30200]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [4/05/2011 18:54 116608]

S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [8/11/2010 13:43 79992]

S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [8/11/2010 13:54 69112]

S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [8/11/2010 13:44 40568]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17/02/2010 19:25 12880]

S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [10/05/2010 19:41 67664]

S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [17/05/2010 16:03 1501192]

S2 AVKService;G Data Scheduler;c:\program files\G Data\TotalCare\AVK\AVKService.exe [4/05/2010 17:06 464392]

S2 AVKWCtl;G Data Bestandssysteembewaker;c:\program files\G Data\TotalCare\AVK\AVKWCtl.exe [15/03/2010 11:24 1554184]

S2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [8/11/2010 13:44 52216]

S2 gupdate1ca2cdb6cbbcd2c;Google Updateservice (gupdate1ca2cdb6cbbcd2c);c:\program files\Google\Update\GoogleUpdate.exe [3/09/2009 22:13 133104]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21/05/2011 8:30 652872]

S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [15/09/2009 10:20 188736]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24/08/2010 10:38 92008]

S3 GDBackupSvc;G Data Backup Service;c:\program files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [5/05/2010 8:26 1498616]

S3 GDFwSvc;G Data Persoonlijke Firewall;c:\program files\G Data\TotalCare\Firewall\GDFwSvc.exe [16/04/2010 5:08 1613424]

S3 GDScan;G Data Scanner;c:\program files\Common Files\G DATA\GDScan\GDScan.exe [22/04/2010 13:59 459784]

S3 GDTunerSvc;G Data Tuner Service;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [8/03/2010 2:17 960504]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/09/2009 22:13 133104]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13/09/2011 7:59 20464]

.

Inhoud van de 'Gedeelde Taken' map

.

2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2011-12-29 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-18 15:49]

.

2012-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-03 21:13]

.

2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-03 21:13]

.

2011-12-27 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-01-06 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-01-06 c:\windows\Tasks\User_Feed_Synchronization-{C9C80409-5040-4A13-9CBA-BB984394011D}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-08 18:59

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(572)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

Voltooingstijd: 2012-01-08 19:07:52

ComboFix-quarantined-files.txt 2012-01-08 18:07

ComboFix2.txt 2012-01-07 11:49

.

Pre-Run: 14.632.321.024 bytes beschikbaar

Post-Run: 14.607.450.112 bytes beschikbaar

.

- - End Of File - - F568BECE4B642F3B09F430BC534C4027
