
Windows 8.1 laptop keeps restoring itself


  • Windows 8.1 laptop keeps restoring itself

    I am cleaning up a laptop that kept rebooting on its own and forcing a system restore.

    Booting through to 8.1 did not work; safe mode did work, but after a reboot it wanted to restore again.
    The only way to get back into the system is to run the restore.

    Notable:

    search.conduit BHO in IE when opening IE
    Firefox installed, but it could not connect to the internet
    Norton could not update


    I removed search.conduit using MBAM, but I just got another system restore.
    So now I don't know exactly which point it will restore to. In any case, to a point from last night.
    The trouble is also that the log files are gone as well; from now on I will dump these onto a USB stick.

    First of all, I turned System Restore off and back on again and successfully created a restore point; at the moment a full MBAM scan is running.

    When it is finished I will post the log file + the GMER log
    Last edited by dantji; 22-01-14, 09:44.

  • #2
    MBAM LOG

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2014.01.16.04

    Windows 8 x64 NTFS
    Internet Explorer 11.0.9600.16476
    [administrator]

    22-1-2014 10:21:09
    mbam-log-2014-01-22 (10-21-09).txt

    Scan type: Volledige scan (C:\|)
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 390720
    Verstreken tijd: 53 minuut/minuten, 6 seconde(n)

    Geheugenprocessen gedetecteerd: 1
    C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> 2040 -> Zal worden verwijderd tijdens het herstarten.

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 2
    HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 2
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Slecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Goed: () -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Slecht: (http://search.conduit.com/?ctid=CT33...UM=2&UP=&SSPV=) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.

    Mappen gedetecteerd: 2
    C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten.

    Bestanden gedetecteerd: 11
    C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\xxxxx\AppData\Local\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)
    Last edited by dantji; 22-01-14, 20:41.



    • #3
      GMER does report: The process cannot access the file because it is being used by another process

      During the scan I get the screen with - DPC Watchdog Violation
      A reboot follows, let's try again!
      Last edited by dantji; 22-01-14, 11:14.



      • #4
        GMER 2.1.19324 - http://www.gmer.net
        Rootkit scan 2014-01-22 11:33:56
        Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002d Hitachi_HTS547564A9E384 rev.JEDOA60B 596,17GB
        Running: 7bqj41q7.exe; Driver: C:\Users\xxxxx\AppData\Local\Temp\pwliyfod.sys


        ---- User code sections - GMER 2.1 ----

        .text C:\WINDOWS\system32\atiesrxx.exe[952] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffd484d169a 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atiesrxx.exe[952] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffd484d16a2 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atiesrxx.exe[952] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffd484d181a 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atiesrxx.exe[952] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffd484d1832 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atieclxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffd484d169a 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atieclxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffd484d16a2 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atieclxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffd484d181a 4 bytes [4D, 48, FD, 7F]
        .text C:\WINDOWS\system32\atieclxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffd484d1832 4 bytes [4D, 48, FD, 7F]

        ---- User IAT/EAT - GMER 2.1 ----

        Last edited by dantji; 22-01-14, 20:42.

          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetTickCount] [75ed852e74c085d2]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetUserDefaultUILanguage] [538b4c2678c08504]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!DelayLoadFailureHook] [d2854d18c3834828]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!OpenEventW] [1c8d4908438b4812]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetNumberFormatW] [57b8ffffff79e904]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetCurrentThread] [30245c8b48800700]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetModuleHandleExW] [748b4838246c8b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateActCtxW] [4848247c8b484024]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ReleaseActCtx] [9090c35c4120c483]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ActivateActCtx] [74894808245c8948]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!DeactivateActCtx] [4820ec8348571024]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!WriteFile] [c03345c933450151]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!WaitForMultipleObjects] [3d15ffc0000005b9]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetExitCodeThread] [8718b48cc00007f]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ResumeThread] [4e8b481a74f68548]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ResetEvent] [48105e8b4816ff08]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FileTimeToLocalFileTime] [480000421de8ce8b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!lstrlenW] [48e675db8548f38b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!DosDateTimeToFileTime] [245c8b4800086783]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!WideCharToMultiByte] [83483824748b4830]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetProcAddress] [900000c2c35f20c4]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetModuleHandleW] [c4940539c033]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!SetLastError] [245c8948c3c0950f]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetLocaleInfoW] [894810246c894808]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetSystemTimeAsFileTime] [20ec834857182474]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!QueryPerformanceCounter] [854dea8b48f08b49]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!TerminateProcess] [80004003b80775c0]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!SetUnhandledExceptionFilter] [70b90020834973eb]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!UnhandledExceptionFilter] [8007000ebf000002]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!Sleep] [d88b48000041abe8]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetCurrentThreadId] [c88b482c74c08548]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FormatMessageW] [1d8d4c00003a0be8]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!HeapFree] [5058d480000834c]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ExpandEnvironmentStringsW] [c3bf0d8b480843]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetFileAttributesExW] [eb0850ff018b4800]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FindFirstFileExW] [2374db8548db3302]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetTempPathW] [8b48c68b4c038b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ReleaseMutex] [f88b10ffcb8b48d5]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateMutexW] [ba038b4c0f74c085]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateThreadpoolWork] [5c8b48c78b6850ff]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!DeleteFileW] [4c0c74c985481175]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CompareFileTime] [4100000001ba018b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetCurrentProcessId] [c48348c38b6850ff]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateThread] [4cc88b4d90c35b20]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FreeLibraryAndExitThread] [8327158d48c28b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!LoadLibraryExW] [9090fffffd7ee900]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FindClose] [90c308418b0841ff]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FindNextFileW] [8418320ec834853]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FindFirstFileW] [8548117508598bff]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetSystemWow64DirectoryW] [1ba018b4c0c74c9]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetSystemDirectoryW] [8b1850ff41000000]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetWindowsDirectoryW] [90c35b20c48348c3]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetModuleFileNameW] [4cdb3320ec834853]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!FreeLibrary] [4003b80775c33b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!lstrcmpiW] [1a3918894943eb80]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!LoadLibraryW] [811d75045a392275]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetLongPathNameW] [1475000000c0087a]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetPrivateProfileStringW] [75460000000c7a81]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CloseHandle] [ff018b480889490b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!MulDiv] [4cc88b4d18eb0850]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateProcessW] [82a7158d48c28b]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!MultiByteToWideChar] [fcfae810c1834800]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!LocalAlloc] [8348c38bd88bffff]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!SetFilePointer] [10498b48c35b20c4]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!ReadFile] [900860ff48018b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateFileW] [48018b4810498b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CopyFileW] [10498b48901060ff]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateDirectoryW] [909020ff48018b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CompareStringOrdinal] [83485708245c8948]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!DisableThreadLibraryCalls] [11041c720ec]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetProcessHeap] [81e0058d48c0]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!WaitForSingleObject] [8d48018948f98b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!GetCurrentProcess] [48da8b0000819305]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!DuplicateHandle] [c24e0d8b48084189]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!CreateEventW] [1050ff018b480000]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!IsDebuggerPresent] [33a0e8cf8b48]
          IAT C:\WINDOWS\Explorer.EXE[2892] @ C:\WINDOWS\system32\themeui.dll[KERNEL32.dll!SetEvent] [cf8b48087401c3f6]

          ---- Devices - GMER 2.1 ----

          Device \Driver\NAVENG \Device\NAVENG fffff80005905bb4
          Device \Driver\NAVEX15 \Device\NAVEX15 fffff8000573951c
          Device \FileSystem\SRTSP \Device\SRTSP fffff8000552c6b0

          ---- Threads - GMER 2.1 ----

          Thread C:\WINDOWS\system32\csrss.exe [644:656] fffff9600085b4d0

          ---- Disk sectors - GMER 2.1 ----

          Disk \Device\Harddisk0\DR0 unknown MBR code

          ---- EOF - GMER 2.1 ----



          • #6
            The computer wanted to restart after a Windows update and went into automatic repair mode again.



            • #7
              Download Zoek.zip to the desktop.
              • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.


              Disable antivirus software
              Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

              Run Zoek.exe
              If you run into problems running this program or see any error messages, please mention it in your post.
              • Right-click Zoek.zip and choose the "Extract All" option.
              • Then double-click Zoek.exe to start the tool.
              • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
              • Now click the "Run script" button.
              • A popup appears saying that no script was found; just press OK.
              • Zoek.exe will now run a scan and repair; on some systems this can take longer than half an hour.
              • Wait patiently until a log opens (this may be after a restart, if one is required).
              • If no log appears after the restart, start zoek.exe again; the log will then appear.
              • Post the opened log as an attachment in your next post.


              Post the Zoek.exe log file
              • Attach the log file named "Zoek-results.log" to your next post.
                (You can also find this log file on the system drive as C:\Zoek-results.log.)

              Starting Windows 10 in Safe Mode



              • #8
                @Juisterr - Thanks for the help, but at the request of the laptop's owner I did a factory reset; she was completely fed up with it. In a case like this: your wish is our command!



                • #9
                  Fine, thanks for letting us know.
