| 1 | f88.23ac: Log file opened: 5.2.33r133385 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa04a2400
|
|---|
| 2 | f88.23ac: \SystemRoot\System32\ntdll.dll:
|
|---|
| 3 | f88.23ac: CreationTime: 2019-09-08T05:57:01.114795400Z
|
|---|
| 4 | f88.23ac: LastWriteTime: 2019-09-08T05:57:01.124690100Z
|
|---|
| 5 | f88.23ac: ChangeTime: 2019-09-16T19:44:30.719367700Z
|
|---|
| 6 | f88.23ac: FileAttributes: 0x20
|
|---|
| 7 | f88.23ac: Size: 0x1eb4d8
|
|---|
| 8 | f88.23ac: NT Headers: 0xd8
|
|---|
| 9 | f88.23ac: Timestamp: 0x90e8446
|
|---|
| 10 | f88.23ac: Machine: 0x8664 - amd64
|
|---|
| 11 | f88.23ac: Timestamp: 0x90e8446
|
|---|
| 12 | f88.23ac: Image Version: 10.0
|
|---|
| 13 | f88.23ac: SizeOfImage: 0x1f4000 (2048000)
|
|---|
| 14 | f88.23ac: Resource Dir: 0x183000 LB 0x6fb00
|
|---|
| 15 | f88.23ac: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 16 | f88.23ac: [Raw version resource data: 0x1830f0 LB 0x380, codepage 0x0 (reserved 0x0)]
|
|---|
| 17 | f88.23ac: ProductName: Microsoft® Windows® Operating System
|
|---|
| 18 | f88.23ac: ProductVersion: 10.0.18980.1
|
|---|
| 19 | f88.23ac: FileVersion: 10.0.18980.1 (WinBuild.160101.0800)
|
|---|
| 20 | f88.23ac: FileDescription: NT Layer DLL
|
|---|
| 21 | f88.23ac: \SystemRoot\System32\kernel32.dll:
|
|---|
| 22 | f88.23ac: CreationTime: 2019-09-08T05:57:17.328473300Z
|
|---|
| 23 | f88.23ac: LastWriteTime: 2019-09-08T05:57:17.328473300Z
|
|---|
| 24 | f88.23ac: ChangeTime: 2019-09-16T19:44:27.750819400Z
|
|---|
| 25 | f88.23ac: FileAttributes: 0x20
|
|---|
| 26 | f88.23ac: Size: 0xb9a18
|
|---|
| 27 | f88.23ac: NT Headers: 0xf0
|
|---|
| 28 | f88.23ac: Timestamp: 0xdc54b356
|
|---|
| 29 | f88.23ac: Machine: 0x8664 - amd64
|
|---|
| 30 | f88.23ac: Timestamp: 0xdc54b356
|
|---|
| 31 | f88.23ac: Image Version: 10.0
|
|---|
| 32 | f88.23ac: SizeOfImage: 0xbd000 (774144)
|
|---|
| 33 | f88.23ac: Resource Dir: 0xbb000 LB 0x520
|
|---|
| 34 | f88.23ac: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 35 | f88.23ac: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
|
|---|
| 36 | f88.23ac: ProductName: Microsoft® Windows® Operating System
|
|---|
| 37 | f88.23ac: ProductVersion: 10.0.18980.1
|
|---|
| 38 | f88.23ac: FileVersion: 10.0.18980.1 (WinBuild.160101.0800)
|
|---|
| 39 | f88.23ac: FileDescription: Windows NT BASE API Client DLL
|
|---|
| 40 | f88.23ac: \SystemRoot\System32\KernelBase.dll:
|
|---|
| 41 | f88.23ac: CreationTime: 2019-09-08T05:57:01.194123700Z
|
|---|
| 42 | f88.23ac: LastWriteTime: 2019-09-08T05:57:01.204070400Z
|
|---|
| 43 | f88.23ac: ChangeTime: 2019-09-16T19:44:27.782067000Z
|
|---|
| 44 | f88.23ac: FileAttributes: 0x20
|
|---|
| 45 | f88.23ac: Size: 0x2bfe60
|
|---|
| 46 | f88.23ac: NT Headers: 0xf8
|
|---|
| 47 | f88.23ac: Timestamp: 0x832a732f
|
|---|
| 48 | f88.23ac: Machine: 0x8664 - amd64
|
|---|
| 49 | f88.23ac: Timestamp: 0x832a732f
|
|---|
| 50 | f88.23ac: Image Version: 10.0
|
|---|
| 51 | f88.23ac: SizeOfImage: 0x2c1000 (2887680)
|
|---|
| 52 | f88.23ac: Resource Dir: 0x298000 LB 0x548
|
|---|
| 53 | f88.23ac: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 54 | f88.23ac: [Raw version resource data: 0x2980b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
|
|---|
| 55 | f88.23ac: ProductName: Microsoft® Windows® Operating System
|
|---|
| 56 | f88.23ac: ProductVersion: 10.0.18980.1
|
|---|
| 57 | f88.23ac: FileVersion: 10.0.18980.1 (WinBuild.160101.0800)
|
|---|
| 58 | f88.23ac: FileDescription: Windows NT BASE API Client DLL
|
|---|
| 59 | f88.23ac: \SystemRoot\System32\apisetschema.dll:
|
|---|
| 60 | f88.23ac: CreationTime: 2019-09-08T05:56:07.800028200Z
|
|---|
| 61 | f88.23ac: LastWriteTime: 2019-09-08T05:56:07.800028200Z
|
|---|
| 62 | f88.23ac: ChangeTime: 2019-09-16T19:44:13.125446100Z
|
|---|
| 63 | f88.23ac: FileAttributes: 0x20
|
|---|
| 64 | f88.23ac: Size: 0x1e330
|
|---|
| 65 | f88.23ac: NT Headers: 0xd0
|
|---|
| 66 | f88.23ac: Timestamp: 0xd856aa4b
|
|---|
| 67 | f88.23ac: Machine: 0x8664 - amd64
|
|---|
| 68 | f88.23ac: Timestamp: 0xd856aa4b
|
|---|
| 69 | f88.23ac: Image Version: 10.0
|
|---|
| 70 | f88.23ac: SizeOfImage: 0x20000 (131072)
|
|---|
| 71 | f88.23ac: Resource Dir: 0x1f000 LB 0x408
|
|---|
| 72 | f88.23ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 73 | f88.23ac: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
|
|---|
| 74 | f88.23ac: ProductName: Microsoft® Windows® Operating System
|
|---|
| 75 | f88.23ac: ProductVersion: 10.0.18980.1
|
|---|
| 76 | f88.23ac: FileVersion: 10.0.18980.1 (WinBuild.160101.0800)
|
|---|
| 77 | f88.23ac: FileDescription: ApiSet Schema DLL
|
|---|
| 78 | f88.23ac: NtOpenDirectoryObject failed on \Driver: 0xc0000022
|
|---|
| 79 | f88.23ac: supR3HardenedWinFindAdversaries: 0x0
|
|---|
| 80 | f88.23ac: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
|
|---|
| 81 | f88.23ac: Calling main()
|
|---|
| 82 | f88.23ac: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
|
|---|
| 83 | f88.23ac: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
|
|---|
| 84 | f88.23ac: SUPR3HardenedMain: Respawn #1
|
|---|
| 85 | f88.23ac: System32: \Device\HarddiskVolume4\Windows\System32
|
|---|
| 86 | f88.23ac: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
|
|---|
| 87 | f88.23ac: KnownDllPath: C:\WINDOWS\System32
|
|---|
| 88 | f88.23ac: supR3HardenedWinInit: Performing a limited self purification...
|
|---|
| 89 | f88.23ac: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
|
|---|
| 90 | f88.23ac: *0000000000000000-000000000052ffff 0x0001/0x0000 0x0000000
|
|---|
| 91 | f88.23ac: *0000000000530000-000000000053ffff 0x0004/0x0004 0x0040000
|
|---|
| 92 | f88.23ac: 0000000000540000-000000000054ffff 0x0001/0x0000 0x0000000
|
|---|
| 93 | f88.23ac: *0000000000550000-000000000056cfff 0x0002/0x0002 0x0040000
|
|---|
| 94 | f88.23ac: 000000000056d000-000000000056ffff 0x0001/0x0000 0x0000000
|
|---|
| 95 | f88.23ac: *0000000000570000-0000000000573fff 0x0002/0x0002 0x0040000
|
|---|
| 96 | f88.23ac: 0000000000574000-000000000057ffff 0x0001/0x0000 0x0000000
|
|---|
| 97 | f88.23ac: *0000000000580000-0000000000581fff 0x0004/0x0004 0x0020000
|
|---|
| 98 | f88.23ac: 0000000000582000-000000000058ffff 0x0001/0x0000 0x0000000
|
|---|
| 99 | f88.23ac: *0000000000590000-0000000000591fff 0x0004/0x0004 0x0020000
|
|---|
| 100 | f88.23ac: 0000000000592000-00000000005a9fff 0x0000/0x0004 0x0020000
|
|---|
| 101 | f88.23ac: 00000000005aa000-00000000005fffff 0x0001/0x0000 0x0000000
|
|---|
| 102 | f88.23ac: *0000000000600000-000000000070efff 0x0000/0x0004 0x0020000
|
|---|
| 103 | f88.23ac: 000000000070f000-0000000000711fff 0x0004/0x0004 0x0020000
|
|---|
| 104 | f88.23ac: 0000000000712000-00000000007fffff 0x0000/0x0004 0x0020000
|
|---|
| 105 | f88.23ac: *0000000000800000-00000000008b8fff 0x0000/0x0004 0x0020000
|
|---|
| 106 | f88.23ac: 00000000008b9000-00000000008bbfff 0x0104/0x0004 0x0020000
|
|---|
| 107 | f88.23ac: 00000000008bc000-00000000008fffff 0x0004/0x0004 0x0020000
|
|---|
| 108 | f88.23ac: 0000000000900000-000000000093ffff 0x0001/0x0000 0x0000000
|
|---|
| 109 | f88.23ac: *0000000000940000-0000000000944fff 0x0004/0x0004 0x0020000
|
|---|
| 110 | f88.23ac: 0000000000945000-0000000000a3ffff 0x0000/0x0004 0x0020000
|
|---|
| 111 | f88.23ac: *0000000000a40000-0000000000b07fff 0x0002/0x0002 0x0040000
|
|---|
| 112 | f88.23ac: 0000000000b08000-0000000000b0ffff 0x0001/0x0000 0x0000000
|
|---|
| 113 | f88.23ac: *0000000000b10000-0000000000b2cfff 0x0004/0x0004 0x0020000
|
|---|
| 114 | f88.23ac: 0000000000b2d000-0000000000c0ffff 0x0000/0x0004 0x0020000
|
|---|
| 115 | f88.23ac: 0000000000c10000-0000000000caffff 0x0001/0x0000 0x0000000
|
|---|
| 116 | f88.23ac: *0000000000cb0000-0000000000cbefff 0x0004/0x0004 0x0020000
|
|---|
| 117 | f88.23ac: 0000000000cbf000-0000000000cbffff 0x0000/0x0004 0x0020000
|
|---|
| 118 | f88.23ac: *0000000000cc0000-0000000000ccafff 0x0000/0x0004 0x0020000
|
|---|
| 119 | f88.23ac: 0000000000ccb000-0000000000ebffff 0x0004/0x0004 0x0020000
|
|---|
| 120 | f88.23ac: 0000000000ec0000-0000000000ec0fff 0x0000/0x0004 0x0020000
|
|---|
| 121 | f88.23ac: 0000000000ec1000-000000007ffdffff 0x0001/0x0000 0x0000000
|
|---|
| 122 | f88.23ac: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
|
|---|
| 123 | f88.23ac: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
|
|---|
| 124 | f88.23ac: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
|
|---|
| 125 | f88.23ac: 000000007ffed000-00007ff46dfbffff 0x0001/0x0000 0x0000000
|
|---|
| 126 | f88.23ac: *00007ff46dfc0000-00007ff46dfc4fff 0x0002/0x0002 0x0040000
|
|---|
| 127 | f88.23ac: 00007ff46dfc5000-00007ff46e0bffff 0x0000/0x0002 0x0040000
|
|---|
| 128 | f88.23ac: *00007ff46e0c0000-00007ff56e0dffff 0x0000/0x0004 0x0020000
|
|---|
| 129 | f88.23ac: *00007ff56e0e0000-00007ff5700dffff 0x0000/0x0004 0x0020000
|
|---|
| 130 | f88.23ac: 00007ff5700e0000-00007ff5700e0fff 0x0004/0x0004 0x0020000
|
|---|
| 131 | f88.23ac: 00007ff5700e1000-00007ff5700effff 0x0001/0x0000 0x0000000
|
|---|
| 132 | f88.23ac: *00007ff5700f0000-00007ff5700f0fff 0x0002/0x0002 0x0040000
|
|---|
| 133 | f88.23ac: 00007ff5700f1000-00007ff5700fffff 0x0001/0x0000 0x0000000
|
|---|
| 134 | f88.23ac: *00007ff570100000-00007ff570122fff 0x0002/0x0002 0x0040000
|
|---|
| 135 | f88.23ac: 00007ff570123000-00007ff6f1b4ffff 0x0001/0x0000 0x0000000
|
|---|
| 136 | f88.23ac: *00007ff6f1b50000-00007ff6f1b50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 137 | f88.23ac: 00007ff6f1b51000-00007ff6f1bc2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 138 | f88.23ac: 00007ff6f1bc3000-00007ff6f1bc3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 139 | f88.23ac: 00007ff6f1bc4000-00007ff6f1c0afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 140 | f88.23ac: 00007ff6f1c0b000-00007ff6f1c0dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 141 | f88.23ac: 00007ff6f1c0e000-00007ff6f1c10fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 142 | f88.23ac: 00007ff6f1c11000-00007ff6f1c13fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 143 | f88.23ac: 00007ff6f1c14000-00007ff6f1c14fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 144 | f88.23ac: 00007ff6f1c15000-00007ff6f1c16fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 145 | f88.23ac: 00007ff6f1c17000-00007ff6f1c17fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 146 | f88.23ac: 00007ff6f1c18000-00007ff6f1c5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 147 | f88.23ac: 00007ff6f1c60000-00007ffb4ff3ffff 0x0001/0x0000 0x0000000
|
|---|
| 148 | f88.23ac: *00007ffb4ff40000-00007ffb4ff40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
|
|---|
| 149 | f88.23ac: 00007ffb4ff41000-00007ffb5004efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
|
|---|
| 150 | f88.23ac: 00007ffb5004f000-00007ffb501c2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
|
|---|
| 151 | f88.23ac: 00007ffb501c3000-00007ffb501c6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
|
|---|
| 152 | f88.23ac: 00007ffb501c7000-00007ffb501c7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
|
|---|
| 153 | f88.23ac: 00007ffb501c8000-00007ffb50200fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
|
|---|
| 154 | f88.23ac: 00007ffb50201000-00007ffb520cffff 0x0001/0x0000 0x0000000
|
|---|
| 155 | f88.23ac: *00007ffb520d0000-00007ffb520d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
|
|---|
| 156 | f88.23ac: 00007ffb520d1000-00007ffb5214efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
|
|---|
| 157 | f88.23ac: 00007ffb5214f000-00007ffb52181fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
|
|---|
| 158 | f88.23ac: 00007ffb52182000-00007ffb52182fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
|
|---|
| 159 | f88.23ac: 00007ffb52183000-00007ffb52183fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
|
|---|
| 160 | f88.23ac: 00007ffb52184000-00007ffb5218cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
|
|---|
| 161 | f88.23ac: 00007ffb5218d000-00007ffb526cffff 0x0001/0x0000 0x0000000
|
|---|
| 162 | f88.23ac: *00007ffb526d0000-00007ffb526d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 163 | f88.23ac: 00007ffb526d1000-00007ffb527eafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 164 | f88.23ac: 00007ffb527eb000-00007ffb52832fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 165 | f88.23ac: 00007ffb52833000-00007ffb52833fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 166 | f88.23ac: 00007ffb52834000-00007ffb52835fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 167 | f88.23ac: 00007ffb52836000-00007ffb5283efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 168 | f88.23ac: 00007ffb5283f000-00007ffb528c3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 169 | f88.23ac: 00007ffb528c4000-00007ffffffeffff 0x0001/0x0000 0x0000000
|
|---|
| 170 | f88.23ac: kernel32.dll: timestamp 0xdc54b356 (rc=VINF_SUCCESS)
|
|---|
| 171 | f88.23ac: kernelbase.dll: timestamp 0x832a732f (rc=VINF_SUCCESS)
|
|---|
| 172 | f88.23ac: VirtualBox.exe: timestamp 0x5d7f5b47 (rc=VINF_SUCCESS)
|
|---|
| 173 | f88.23ac: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 174 | f88.23ac: \Device\HarddiskVolume4\Windows\System32\ntdll.dll: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x90e8446; retrying against current time: 0x5d82afe5.
|
|---|
| 175 | f88.23ac: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
|
|---|
| 176 | f88.23ac: \Device\HarddiskVolume4\Windows\System32\kernel32.dll: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0xdc54b356; retrying against current time: 0x5d82afe5.
|
|---|
| 177 | f88.23ac: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x832a732f; retrying against current time: 0x5d82afe5.
|
|---|
| 178 | f88.23ac: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
|
|---|
| 179 | f88.23ac: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 180 | f88.23ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
|
|---|
| 181 | f88.23ac: supR3HardNtEnableThreadCreationEx:
|
|---|
| 182 | f88.23ac: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb5273d670 pvNtTerminateThread=00007ffb5276d430
|
|---|
| 183 | f88.23ac: supR3HardenedWinDoReSpawn(1): New child 2210.222c [kernel32].
|
|---|
| 184 | f88.23ac: supR3HardNtChildGatherData: PebBaseAddress=0000000000f95000 cbPeb=0x388
|
|---|
| 185 | f88.23ac: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb526d0000 uNtDllChildAddr=00007ffb526d0000
|
|---|
| 186 | f88.23ac: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb5273d670
|
|---|
| 187 | f88.23ac: supR3HardenedWinSetupChildInit: Start child.
|
|---|
| 188 | f88.23ac: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
|
|---|
| 189 | f88.23ac: supR3HardNtChildPurify: Startup delay kludge #1/0: 263 ms, 15 sleeps
|
|---|
| 190 | f88.23ac: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
|
|---|
| 191 | f88.23ac: *0000000000000000-0000000000d3ffff 0x0001/0x0000 0x0000000
|
|---|
| 192 | f88.23ac: *0000000000d40000-0000000000d5ffff 0x0004/0x0004 0x0020000
|
|---|
| 193 | f88.23ac: *0000000000d60000-0000000000d7cfff 0x0002/0x0002 0x0040000
|
|---|
| 194 | f88.23ac: 0000000000d7d000-0000000000d7ffff 0x0001/0x0000 0x0000000
|
|---|
| 195 | f88.23ac: *0000000000d80000-0000000000d83fff 0x0002/0x0002 0x0040000
|
|---|
| 196 | f88.23ac: 0000000000d84000-0000000000d8ffff 0x0001/0x0000 0x0000000
|
|---|
| 197 | f88.23ac: *0000000000d90000-0000000000d91fff 0x0004/0x0004 0x0020000
|
|---|
| 198 | f88.23ac: 0000000000d92000-0000000000dfffff 0x0001/0x0000 0x0000000
|
|---|
| 199 | f88.23ac: *0000000000e00000-0000000000f94fff 0x0000/0x0004 0x0020000
|
|---|
| 200 | f88.23ac: 0000000000f95000-0000000000f97fff 0x0004/0x0004 0x0020000
|
|---|
| 201 | f88.23ac: 0000000000f98000-0000000000ffffff 0x0000/0x0004 0x0020000
|
|---|
| 202 | f88.23ac: *0000000001000000-00000000010fafff 0x0000/0x0004 0x0020000
|
|---|
| 203 | f88.23ac: 00000000010fb000-00000000010fdfff 0x0104/0x0004 0x0020000
|
|---|
| 204 | f88.23ac: 00000000010fe000-00000000010fffff 0x0004/0x0004 0x0020000
|
|---|
| 205 | f88.23ac: 0000000001100000-000000007ffdffff 0x0001/0x0000 0x0000000
|
|---|
| 206 | f88.23ac: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
|
|---|
| 207 | f88.23ac: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
|
|---|
| 208 | f88.23ac: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
|
|---|
| 209 | f88.23ac: 000000007ffed000-00007ff5a20cffff 0x0001/0x0000 0x0000000
|
|---|
| 210 | f88.23ac: *00007ff5a20d0000-00007ff5a20d0fff 0x0002/0x0002 0x0040000
|
|---|
| 211 | f88.23ac: 00007ff5a20d1000-00007ff5a20dffff 0x0001/0x0000 0x0000000
|
|---|
| 212 | f88.23ac: *00007ff5a20e0000-00007ff5a2102fff 0x0002/0x0002 0x0040000
|
|---|
| 213 | f88.23ac: 00007ff5a2103000-00007ff6f1b4ffff 0x0001/0x0000 0x0000000
|
|---|
| 214 | f88.23ac: *00007ff6f1b50000-00007ff6f1b50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 215 | f88.23ac: 00007ff6f1b51000-00007ff6f1bc2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 216 | f88.23ac: 00007ff6f1bc3000-00007ff6f1bc3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 217 | f88.23ac: 00007ff6f1bc4000-00007ff6f1c0afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 218 | f88.23ac: 00007ff6f1c0b000-00007ff6f1c0bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 219 | f88.23ac: 00007ff6f1c0c000-00007ff6f1c0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 220 | f88.23ac: 00007ff6f1c0d000-00007ff6f1c11fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 221 | f88.23ac: 00007ff6f1c12000-00007ff6f1c12fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 222 | f88.23ac: 00007ff6f1c13000-00007ff6f1c13fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 223 | f88.23ac: 00007ff6f1c14000-00007ff6f1c17fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 224 | f88.23ac: 00007ff6f1c18000-00007ff6f1c5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 225 | f88.23ac: 00007ff6f1c60000-00007ffb526cffff 0x0001/0x0000 0x0000000
|
|---|
| 226 | f88.23ac: *00007ffb526d0000-00007ffb526d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 227 | f88.23ac: 00007ffb526d1000-00007ffb527eafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 228 | f88.23ac: 00007ffb527eb000-00007ffb52832fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 229 | f88.23ac: 00007ffb52833000-00007ffb5283efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 230 | f88.23ac: 00007ffb5283f000-00007ffb5284dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 231 | f88.23ac: 00007ffb5284e000-00007ffb5284efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 232 | f88.23ac: 00007ffb5284f000-00007ffb52851fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 233 | f88.23ac: 00007ffb52852000-00007ffb528c3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 234 | f88.23ac: 00007ffb528c4000-00007ffffffeffff 0x0001/0x0000 0x0000000
|
|---|
| 235 | f88.23ac: supR3HardNtChildPurify: Done after 263 ms and 0 fixes (loop #0).
|
|---|
| 236 | 2210.222c: Log file opened: 5.2.33r133385 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a2400
|
|---|
| 237 | 2210.222c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffb526d0000 g_uNtVerCombined=0xa04a2400
|
|---|
| 238 | 2210.222c: ntdll.dll: timestamp 0x90e8446 (rc=VINF_SUCCESS)
|
|---|
| 239 | 2210.222c: New simple heap: #1 0000000001200000 LB 0x400000 (for 2048000 allocation)
|
|---|
| 240 | f88.23ac: supR3HardNtEnableThreadCreationEx:
|
|---|
| 241 | 2210.222c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
|
|---|
| 242 | 2210.222c: System32: \Device\HarddiskVolume4\Windows\System32
|
|---|
| 243 | 2210.222c: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
|
|---|
| 244 | 2210.222c: KnownDllPath: C:\WINDOWS\System32
|
|---|
| 245 | 2210.222c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
|
|---|
| 246 | 2210.222c: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
|
|---|
| 247 | 2210.222c: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
|
|---|
| 248 | 2210.222c: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
|
|---|
| 249 | 2210.222c: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
|
|---|
| 250 |
|
|---|
| 251 | Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
|
|---|
| 252 | f88.23ac: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
|
|---|
| 253 |
|
|---|
| 254 | Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
|
|---|
| 255 | f88.23ac: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
|
|---|
| 256 | f88.23ac: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
|
|---|
| 257 |
|
|---|
| 258 | Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
|
|---|