5b0.16f4: Log file opened: 5.2.6r120293 g_hStartupLog=0000000000000068 g_uNtVerCombined=0xa03fab00
5b0.16f4: \SystemRoot\System32\ntdll.dll:
5b0.16f4: CreationTime: 2018-02-20T00:08:50.390961500Z
5b0.16f4: LastWriteTime: 2018-02-10T06:15:34.902092600Z
5b0.16f4: ChangeTime: 2018-02-20T11:51:35.492825500Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x1dd100
5b0.16f4: NT Headers: 0xe0
5b0.16f4: Timestamp: 0xeffc9126
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0xeffc9126
5b0.16f4: Image Version: 10.0
5b0.16f4: SizeOfImage: 0x1e0000 (1966080)
5b0.16f4: Resource Dir: 0x174000 LB 0x6a1d8
5b0.16f4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: Microsoft® Windows® Operating System
5b0.16f4: ProductVersion: 10.0.16299.248
5b0.16f4: FileVersion: 10.0.16299.248 (WinBuild.160101.0800)
5b0.16f4: FileDescription: NT Layer DLL
5b0.16f4: \SystemRoot\System32\kernel32.dll:
5b0.16f4: CreationTime: 2017-09-29T13:42:04.954227600Z
5b0.16f4: LastWriteTime: 2017-09-29T13:42:04.954227600Z
5b0.16f4: ChangeTime: 2018-01-08T17:21:26.779924100Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0xab868
5b0.16f4: NT Headers: 0xe8
5b0.16f4: Timestamp: 0xc2cf900
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0xc2cf900
5b0.16f4: Image Version: 10.0
5b0.16f4: SizeOfImage: 0xae000 (712704)
5b0.16f4: Resource Dir: 0xac000 LB 0x520
5b0.16f4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: Microsoft® Windows® Operating System
5b0.16f4: ProductVersion: 10.0.16299.15
5b0.16f4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
5b0.16f4: FileDescription: Windows NT BASE API Client DLL
5b0.16f4: \SystemRoot\System32\KernelBase.dll:
5b0.16f4: CreationTime: 2018-02-20T00:08:34.680981400Z
5b0.16f4: LastWriteTime: 2018-02-10T06:15:53.408982400Z
5b0.16f4: ChangeTime: 2018-02-20T11:51:31.398635500Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x266000
5b0.16f4: NT Headers: 0xf0
5b0.16f4: Timestamp: 0x4414ec23
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0x4414ec23
5b0.16f4: Image Version: 10.0
5b0.16f4: SizeOfImage: 0x266000 (2514944)
5b0.16f4: Resource Dir: 0x245000 LB 0x548
5b0.16f4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: Microsoft® Windows® Operating System
5b0.16f4: ProductVersion: 10.0.16299.248
5b0.16f4: FileVersion: 10.0.16299.248 (WinBuild.160101.0800)
5b0.16f4: FileDescription: Windows NT BASE API Client DLL
5b0.16f4: \SystemRoot\System32\apisetschema.dll:
5b0.16f4: CreationTime: 2017-09-29T13:42:07.095026600Z
5b0.16f4: LastWriteTime: 2017-09-29T13:42:07.095026600Z
5b0.16f4: ChangeTime: 2018-02-20T00:18:10.804032900Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x1b398
5b0.16f4: NT Headers: 0xc8
5b0.16f4: Timestamp: 0xf30abf31
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0xf30abf31
5b0.16f4: Image Version: 10.0
5b0.16f4: SizeOfImage: 0x1c000 (114688)
5b0.16f4: Resource Dir: 0x1b000 LB 0x408
5b0.16f4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: Microsoft® Windows® Operating System
5b0.16f4: ProductVersion: 10.0.16299.15
5b0.16f4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
5b0.16f4: FileDescription: ApiSet Schema DLL
5b0.16f4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
5b0.16f4: supR3HardenedWinFindAdversaries: 0x2020
5b0.16f4: \SystemRoot\System32\drivers\mfeavfk.sys:
5b0.16f4: CreationTime: 2017-07-26T16:43:32.195825300Z
5b0.16f4: LastWriteTime: 2018-02-22T23:03:58.453438500Z
5b0.16f4: ChangeTime: 2018-02-22T23:03:58.453438500Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x56de8
5b0.16f4: NT Headers: 0xf8
5b0.16f4: Timestamp: 0x59ceade6
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0x59ceade6
5b0.16f4: Image Version: 0.0
5b0.16f4: SizeOfImage: 0x57000 (356352)
5b0.16f4: Resource Dir: 0x55000 LB 0x750
5b0.16f4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x55110 LB 0x32c, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: SYSCORE
5b0.16f4: ProductVersion: 15.7.0.665
5b0.16f4: FileVersion: SYSCORE.15.7.0.665
5b0.16f4: PrivateBuild: SYSCORE.15.7.0.665 F15,F16,F19
5b0.16f4: FileDescription: Anti-Virus File System Filter Driver
5b0.16f4: \SystemRoot\System32\drivers\mfefirek.sys:
5b0.16f4: CreationTime: 2017-07-26T16:43:42.187712600Z
5b0.16f4: LastWriteTime: 2018-02-22T23:03:59.204439900Z
5b0.16f4: ChangeTime: 2018-02-22T23:03:59.204439900Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x7b9e8
5b0.16f4: NT Headers: 0xe0
5b0.16f4: Timestamp: 0x59ceaea4
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0x59ceaea4
5b0.16f4: Image Version: 0.0
5b0.16f4: SizeOfImage: 0x7d000 (512000)
5b0.16f4: Resource Dir: 0x79000 LB 0x380
5b0.16f4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x79060 LB 0x320, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: SYSCORE
5b0.16f4: ProductVersion: 15.7.0.665
5b0.16f4: FileVersion: SYSCORE.15.7.0.665
5b0.16f4: PrivateBuild: SYSCORE.15.7.0.665 F17,F18
5b0.16f4: FileDescription: McAfee Core Firewall Engine Driver
5b0.16f4: \SystemRoot\System32\drivers\mfehidk.sys:
5b0.16f4: CreationTime: 2017-07-26T16:43:29.095377100Z
5b0.16f4: LastWriteTime: 2018-02-22T23:03:58.646954500Z
5b0.16f4: ChangeTime: 2018-02-22T23:03:58.646954500Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0xe51e8
5b0.16f4: NT Headers: 0xf8
5b0.16f4: Timestamp: 0x59cead55
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0x59cead55
5b0.16f4: Image Version: 0.0
5b0.16f4: SizeOfImage: 0xf0000 (983040)
5b0.16f4: Resource Dir: 0xec000 LB 0x750
5b0.16f4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0xec110 LB 0x318, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: SYSCORE
5b0.16f4: ProductVersion: 15.7.0.665
5b0.16f4: FileVersion: SYSCORE.15.7.0.665
5b0.16f4: PrivateBuild: SYSCORE.15.7.0.665 F14,F15,F16,F18,F20
5b0.16f4: FileDescription: McAfee Link Driver
5b0.16f4: \SystemRoot\System32\drivers\mfewfpk.sys:
5b0.16f4: CreationTime: 2017-07-26T16:43:28.147101200Z
5b0.16f4: LastWriteTime: 2018-02-22T23:03:58.794346800Z
5b0.16f4: ChangeTime: 2018-02-22T23:03:58.794346800Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x3dbe8
5b0.16f4: NT Headers: 0x100
5b0.16f4: Timestamp: 0x59cead75
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0x59cead75
5b0.16f4: Image Version: 0.0
5b0.16f4: SizeOfImage: 0x59000 (364544)
5b0.16f4: Resource Dir: 0x57000 LB 0x378
5b0.16f4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x57060 LB 0x318, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: SYSCORE
5b0.16f4: ProductVersion: 15.7.0.665
5b0.16f4: FileVersion: SYSCORE.15.7.0.665
5b0.16f4: PrivateBuild: SYSCORE.15.7.0.665 F17,F18
5b0.16f4: FileDescription: Anti-Virus Mini-Firewall Driver
5b0.16f4: \SystemRoot\System32\drivers\dgmaster.sys:
5b0.16f4: CreationTime: 2017-10-17T17:18:39.207673500Z
5b0.16f4: LastWriteTime: 2017-07-18T22:11:22.000000000Z
5b0.16f4: ChangeTime: 2018-01-08T17:37:57.358708200Z
5b0.16f4: FileAttributes: 0x20
5b0.16f4: Size: 0x253a80
5b0.16f4: NT Headers: 0x108
5b0.16f4: Timestamp: 0x596ea8c3
5b0.16f4: Machine: 0x8664 - amd64
5b0.16f4: Timestamp: 0x596ea8c3
5b0.16f4: Image Version: 6.3
5b0.16f4: SizeOfImage: 0x32c000 (3325952)
5b0.16f4: Resource Dir: 0x2ec000 LB 0x35f68
5b0.16f4: [Version info resource found at 0x270! (ID/Name: 0x1; SubID/SubName: 0x409)]
5b0.16f4: [Raw version resource data: 0x321c30 LB 0x338, codepage 0x0 (reserved 0x0)]
5b0.16f4: ProductName: Digital Guardian
5b0.16f4: ProductVersion: 7.3
5b0.16f4: FileVersion: 7.3.2.0442
5b0.16f4: FileDescription: Digital Guardian Agent Master
5b0.16f4: supR3HardenedWinFindAdversaries: Found newer version: 0x2020 -> 0x4020
5b0.16f4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
5b0.16f4: Calling main()
5b0.16f4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
5b0.16f4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
5b0.16f4: SUPR3HardenedMain: Respawn #1
5b0.16f4: System32: \Device\HarddiskVolume3\Windows\System32
5b0.16f4: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
5b0.16f4: KnownDllPath: C:\WINDOWS\System32
5b0.16f4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5b0.16f4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
5b0.16f4: supR3HardNtEnableThreadCreation:
5b0.16f4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffdee3391e0 pvNtTerminateThread=00007ffdee3608d0
5b0.16f4: supR3HardenedWinDoReSpawn(1): New child 6c0.36a0 [kernel32].
5b0.16f4: supR3HardNtChildGatherData: PebBaseAddress=0000000000919000 cbPeb=0x388
5b0.16f4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffdee2c0000 uNtDllChildAddr=00007ffdee2c0000
5b0.16f4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffdee3391e0
5b0.16f4: supR3HardenedWinSetupChildInit: Start child.
5b0.16f4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
5b0.16f4: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 33 sleeps
5b0.16f4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
5b0.16f4: VirtualBox.exe: timestamp 0x5a5cc1cb (rc=VINF_SUCCESS)
5b0.16f4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5b0.16f4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
5b0.16f4: supR3HardNtChildPurify: Done after 578 ms and 0 fixes (loop #0).
5b0.16f4: supR3HardNtEnableThreadCreation:
6c0.36a0: Log file opened: 5.2.6r120293 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
6c0.36a0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffdee2c0000 g_uNtVerCombined=0xa03fab00
6c0.36a0: ntdll.dll: timestamp 0xeffc9126 (rc=VINF_SUCCESS)
6c0.36a0: New simple heap: #1 0000000000c10000 LB 0x400000 (for 1966080 allocation)
6c0.36a0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
6c0.36a0: System32: \Device\HarddiskVolume3\Windows\System32
6c0.36a0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
6c0.36a0: KnownDllPath: C:\WINDOWS\System32
6c0.36a0: supR3HardenedVmProcessInit: Opening vboxdrv stub...
6c0.36a0: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
6c0.36a0: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
6c0.36a0: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
6c0.36a0: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
5b0.16f4: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
5b0.16f4: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
5b0.16f4: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.