36e4.3444: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000070 g_uNtVerCombined=0xa03fab00
36e4.3444: \SystemRoot\System32\ntdll.dll:
36e4.3444: CreationTime: 2018-05-10T00:19:44.746772700Z
36e4.3444: LastWriteTime: 2018-04-15T21:49:20.567835100Z
36e4.3444: ChangeTime: 2018-05-10T01:06:19.851272100Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x1dd108
36e4.3444: NT Headers: 0xe0
36e4.3444: Timestamp: 0xd826f10d
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0xd826f10d
36e4.3444: Image Version: 10.0
36e4.3444: SizeOfImage: 0x1e0000 (1966080)
36e4.3444: Resource Dir: 0x174000 LB 0x6a1d8
36e4.3444: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: Microsoft® Windows® Operating System
36e4.3444: ProductVersion: 10.0.16299.402
36e4.3444: FileVersion: 10.0.16299.402 (WinBuild.160101.0800)
36e4.3444: FileDescription: NT Layer DLL
36e4.3444: \SystemRoot\System32\kernel32.dll:
36e4.3444: CreationTime: 2018-05-10T00:19:28.135100600Z
36e4.3444: LastWriteTime: 2018-05-03T07:43:30.892187700Z
36e4.3444: ChangeTime: 2018-05-10T01:06:17.132385000Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0xab868
36e4.3444: NT Headers: 0xe8
36e4.3444: Timestamp: 0x309fae94
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x309fae94
36e4.3444: Image Version: 10.0
36e4.3444: SizeOfImage: 0xae000 (712704)
36e4.3444: Resource Dir: 0xac000 LB 0x520
36e4.3444: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: Microsoft® Windows® Operating System
36e4.3444: ProductVersion: 10.0.16299.431
36e4.3444: FileVersion: 10.0.16299.431 (WinBuild.160101.0800)
36e4.3444: FileDescription: Windows NT BASE API Client DLL
36e4.3444: \SystemRoot\System32\KernelBase.dll:
36e4.3444: CreationTime: 2018-05-10T00:19:20.534335000Z
36e4.3444: LastWriteTime: 2018-04-15T21:51:08.343639800Z
36e4.3444: ChangeTime: 2018-05-10T01:06:19.398124500Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x265c00
36e4.3444: NT Headers: 0xf0
36e4.3444: Timestamp: 0xde35406a
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0xde35406a
36e4.3444: Image Version: 10.0
36e4.3444: SizeOfImage: 0x266000 (2514944)
36e4.3444: Resource Dir: 0x245000 LB 0x548
36e4.3444: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: Microsoft® Windows® Operating System
36e4.3444: ProductVersion: 10.0.16299.402
36e4.3444: FileVersion: 10.0.16299.402 (WinBuild.160101.0800)
36e4.3444: FileDescription: Windows NT BASE API Client DLL
36e4.3444: \SystemRoot\System32\apisetschema.dll:
36e4.3444: CreationTime: 2017-09-29T13:42:07.095026600Z
36e4.3444: LastWriteTime: 2017-09-29T13:42:07.095026600Z
36e4.3444: ChangeTime: 2018-05-10T00:29:45.327235700Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x1b398
36e4.3444: NT Headers: 0xc8
36e4.3444: Timestamp: 0xf30abf31
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0xf30abf31
36e4.3444: Image Version: 10.0
36e4.3444: SizeOfImage: 0x1c000 (114688)
36e4.3444: Resource Dir: 0x1b000 LB 0x408
36e4.3444: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: Microsoft® Windows® Operating System
36e4.3444: ProductVersion: 10.0.16299.15
36e4.3444: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
36e4.3444: FileDescription: ApiSet Schema DLL
36e4.3444: NtOpenDirectoryObject failed on \Driver: 0xc0000022
36e4.3444: supR3HardenedWinFindAdversaries: 0x20
36e4.3444: \SystemRoot\System32\drivers\cfwids.sys:
36e4.3444: CreationTime: 2015-07-02T07:33:00.000000000Z
36e4.3444: LastWriteTime: 2016-04-27T08:55:18.000000000Z
36e4.3444: ChangeTime: 2018-03-27T02:32:48.964162400Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x13328
36e4.3444: NT Headers: 0xf0
36e4.3444: Timestamp: 0x571a4aa7
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x571a4aa7
36e4.3444: Image Version: 0.0
36e4.3444: SizeOfImage: 0x16000 (90112)
36e4.3444: Resource Dir: 0x14000 LB 0x550
36e4.3444: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x140a0 LB 0x318, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: SYSCORE
36e4.3444: ProductVersion: 15.4.0.822
36e4.3444: FileVersion: SYSCORE.15.4.0.822
36e4.3444: PrivateBuild: SYSCORE.15.4.0.822
36e4.3444: FileDescription: McAfee Personal Firewall IDS Plugin
36e4.3444: \SystemRoot\System32\drivers\mfeavfk.sys:
36e4.3444: CreationTime: 2016-03-11T09:04:44.000000000Z
36e4.3444: LastWriteTime: 2016-04-27T08:55:18.000000000Z
36e4.3444: ChangeTime: 2018-03-27T02:32:48.979788000Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x55528
36e4.3444: NT Headers: 0xe8
36e4.3444: Timestamp: 0x571a4a46
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x571a4a46
36e4.3444: Image Version: 0.0
36e4.3444: SizeOfImage: 0x57000 (356352)
36e4.3444: Resource Dir: 0x55000 LB 0x758
36e4.3444: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x55110 LB 0x334, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: SYSCORE
36e4.3444: ProductVersion: 15.4.0.822
36e4.3444: FileVersion: SYSCORE.15.4.0.822
36e4.3444: PrivateBuild: SYSCORE.15.4.0.822 F15,F16,F19
36e4.3444: FileDescription: Anti-Virus File System Filter Driver
36e4.3444: \SystemRoot\System32\drivers\mfefirek.sys:
36e4.3444: CreationTime: 2015-07-02T07:33:00.000000000Z
36e4.3444: LastWriteTime: 2016-04-27T08:55:18.000000000Z
36e4.3444: ChangeTime: 2018-03-27T02:32:48.979788000Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x78728
36e4.3444: NT Headers: 0xe8
36e4.3444: Timestamp: 0x571a4a87
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x571a4a87
36e4.3444: Image Version: 0.0
36e4.3444: SizeOfImage: 0x7b000 (503808)
36e4.3444: Resource Dir: 0x77000 LB 0x388
36e4.3444: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x77060 LB 0x328, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: SYSCORE
36e4.3444: ProductVersion: 15.4.0.822
36e4.3444: FileVersion: SYSCORE.15.4.0.822
36e4.3444: PrivateBuild: SYSCORE.15.4.0.822 F17,F18
36e4.3444: FileDescription: McAfee Core Firewall Engine Driver
36e4.3444: \SystemRoot\System32\drivers\mfehidk.sys:
36e4.3444: CreationTime: 2015-07-02T07:33:00.000000000Z
36e4.3444: LastWriteTime: 2016-04-27T08:55:18.000000000Z
36e4.3444: ChangeTime: 2018-03-27T02:32:48.979788000Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0xcdd28
36e4.3444: NT Headers: 0x100
36e4.3444: Timestamp: 0x571a49df
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x571a49df
36e4.3444: Image Version: 0.0
36e4.3444: SizeOfImage: 0xd9000 (888832)
36e4.3444: Resource Dir: 0xd5000 LB 0x758
36e4.3444: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0xd5110 LB 0x320, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: SYSCORE
36e4.3444: ProductVersion: 15.4.0.822
36e4.3444: FileVersion: SYSCORE.15.4.0.822
36e4.3444: PrivateBuild: SYSCORE.15.4.0.822 F14,F15,F16,F18,F20
36e4.3444: FileDescription: McAfee Link Driver
36e4.3444: \SystemRoot\System32\drivers\mfencbdc.sys:
36e4.3444: CreationTime: 2016-08-01T10:26:02.000000000Z
36e4.3444: LastWriteTime: 2016-08-01T10:26:02.000000000Z
36e4.3444: ChangeTime: 2018-03-27T02:32:48.979788000Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x7ed20
36e4.3444: NT Headers: 0xe0
36e4.3444: Timestamp: 0x5763e1ef
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x5763e1ef
36e4.3444: Image Version: 0.0
36e4.3444: SizeOfImage: 0x86000 (548864)
36e4.3444: Resource Dir: 0x84000 LB 0x390
36e4.3444: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x84060 LB 0x32c, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: Anti-Malware Core
36e4.3444: ProductVersion: 1.4.1
36e4.3444: FileVersion: Anti-Malware Core.1.4.1.717.x64
36e4.3444: PrivateBuild: Anti-Malware Core.1.4.1.717.x64
36e4.3444: FileDescription: Event Driver
36e4.3444: \SystemRoot\System32\drivers\mfewfpk.sys:
36e4.3444: CreationTime: 2015-07-02T07:33:00.000000000Z
36e4.3444: LastWriteTime: 2016-04-27T08:55:18.000000000Z
36e4.3444: ChangeTime: 2018-03-27T02:32:48.979788000Z
36e4.3444: FileAttributes: 0x20
36e4.3444: Size: 0x3b720
36e4.3444: NT Headers: 0xf0
36e4.3444: Timestamp: 0x571a49f1
36e4.3444: Machine: 0x8664 - amd64
36e4.3444: Timestamp: 0x571a49f1
36e4.3444: Image Version: 0.0
36e4.3444: SizeOfImage: 0x59000 (364544)
36e4.3444: Resource Dir: 0x57000 LB 0x380
36e4.3444: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
36e4.3444: [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)]
36e4.3444: ProductName: SYSCORE
36e4.3444: ProductVersion: 15.4.0.822
36e4.3444: FileVersion: SYSCORE.15.4.0.822
36e4.3444: PrivateBuild: SYSCORE.15.4.0.822 F17,F18
36e4.3444: FileDescription: Anti-Virus Mini-Firewall Driver
36e4.3444: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume5\Program Files\VirtualBox'
36e4.3444: Calling main()
36e4.3444: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
36e4.3444: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume5\Program Files\VirtualBox'
36e4.3444: SUPR3HardenedMain: Respawn #1
36e4.3444: System32: \Device\HarddiskVolume7\Windows\System32
36e4.3444: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
36e4.3444: KnownDllPath: C:\WINDOWS\System32
36e4.3444: '\Device\HarddiskVolume5\Program Files\VirtualBox\VirtualBox.exe' has no imports
36e4.3444: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume5\Program Files\VirtualBox\VirtualBox.exe)
36e4.3444: supR3HardNtEnableThreadCreation:
36e4.3444: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffea1e39280 pvNtTerminateThread=00007ffea1e60d10
36e4.3444: supR3HardenedWinDoReSpawn(1): New child 3690.320c [kernel32].
36e4.3444: supR3HardNtChildGatherData: PebBaseAddress=0000000000308000 cbPeb=0x388
36e4.3444: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffea1dc0000 uNtDllChildAddr=00007ffea1dc0000
36e4.3444: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffea1e39280
36e4.3444: supR3HardenedWinSetupChildInit: Start child.
36e4.3444: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 11 ms.
36e4.3444: supR3HardNtChildPurify: Startup delay kludge #1/0: 521 ms, 58 sleeps
36e4.3444: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
36e4.3444: VirtualBox.exe: timestamp 0x5a942b95 (rc=VINF_SUCCESS)
36e4.3444: '\Device\HarddiskVolume5\Program Files\VirtualBox\VirtualBox.exe' has no imports
36e4.3444: '\Device\HarddiskVolume7\Windows\System32\ntdll.dll' has no imports
36e4.3444: supR3HardNtChildPurify: Done after 598 ms and 0 fixes (loop #0).
36e4.3444: supR3HardNtEnableThreadCreation:
3690.320c: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
3690.320c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffea1dc0000 g_uNtVerCombined=0xa03fab00
3690.320c: ntdll.dll: timestamp 0xd826f10d (rc=VINF_SUCCESS)
3690.320c: New simple heap: #1 0000000000500000 LB 0x400000 (for 1966080 allocation)
3690.320c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume5\Program Files\VirtualBox'
3690.320c: System32: \Device\HarddiskVolume7\Windows\System32
3690.320c: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
3690.320c: KnownDllPath: C:\WINDOWS\System32
3690.320c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
3690.320c: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
3690.320c: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
3690.320c: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
3690.320c: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
36e4.3444: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
36e4.3444: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
36e4.3444: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.