| 1 | 280.ea0: Log file opened: 5.2.33r133385 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047ba00
|
|---|
| 2 | 280.ea0: \SystemRoot\System32\ntdll.dll:
|
|---|
| 3 | 280.ea0: CreationTime: 2019-09-19T02:13:29.590821200Z
|
|---|
| 4 | 280.ea0: LastWriteTime: 2019-09-19T02:13:29.622088800Z
|
|---|
| 5 | 280.ea0: ChangeTime: 2019-09-19T02:17:46.859025000Z
|
|---|
| 6 | 280.ea0: FileAttributes: 0x20
|
|---|
| 7 | 280.ea0: Size: 0x1e8458
|
|---|
| 8 | 280.ea0: NT Headers: 0xd8
|
|---|
| 9 | 280.ea0: Timestamp: 0xf24fc044
|
|---|
| 10 | 280.ea0: Machine: 0x8664 - amd64
|
|---|
| 11 | 280.ea0: Timestamp: 0xf24fc044
|
|---|
| 12 | 280.ea0: Image Version: 10.0
|
|---|
| 13 | 280.ea0: SizeOfImage: 0x1f0000 (2031616)
|
|---|
| 14 | 280.ea0: Resource Dir: 0x17f000 LB 0x6f310
|
|---|
| 15 | 280.ea0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 16 | 280.ea0: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
|
|---|
| 17 | 280.ea0: ProductName: Microsoft® Windows® Operating System
|
|---|
| 18 | 280.ea0: ProductVersion: 10.0.18362.356
|
|---|
| 19 | 280.ea0: FileVersion: 10.0.18362.356 (WinBuild.160101.0800)
|
|---|
| 20 | 280.ea0: FileDescription: NT Layer DLL
|
|---|
| 21 | 280.ea0: \SystemRoot\System32\kernel32.dll:
|
|---|
| 22 | 280.ea0: CreationTime: 2019-09-19T02:13:06.312696000Z
|
|---|
| 23 | 280.ea0: LastWriteTime: 2019-09-19T02:13:06.328320700Z
|
|---|
| 24 | 280.ea0: ChangeTime: 2019-09-19T02:17:43.218221200Z
|
|---|
| 25 | 280.ea0: FileAttributes: 0x20
|
|---|
| 26 | 280.ea0: Size: 0xb0570
|
|---|
| 27 | 280.ea0: NT Headers: 0xe8
|
|---|
| 28 | 280.ea0: Timestamp: 0xd0cecc10
|
|---|
| 29 | 280.ea0: Machine: 0x8664 - amd64
|
|---|
| 30 | 280.ea0: Timestamp: 0xd0cecc10
|
|---|
| 31 | 280.ea0: Image Version: 10.0
|
|---|
| 32 | 280.ea0: SizeOfImage: 0xb2000 (729088)
|
|---|
| 33 | 280.ea0: Resource Dir: 0xb0000 LB 0x520
|
|---|
| 34 | 280.ea0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 35 | 280.ea0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
|
|---|
| 36 | 280.ea0: ProductName: Microsoft® Windows® Operating System
|
|---|
| 37 | 280.ea0: ProductVersion: 10.0.18362.329
|
|---|
| 38 | 280.ea0: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
|
|---|
| 39 | 280.ea0: FileDescription: Windows NT BASE API Client DLL
|
|---|
| 40 | 280.ea0: \SystemRoot\System32\KernelBase.dll:
|
|---|
| 41 | 280.ea0: CreationTime: 2019-09-19T02:13:30.196012200Z
|
|---|
| 42 | 280.ea0: LastWriteTime: 2019-09-19T02:13:30.227265600Z
|
|---|
| 43 | 280.ea0: ChangeTime: 2019-09-19T02:17:46.194896800Z
|
|---|
| 44 | 280.ea0: FileAttributes: 0x20
|
|---|
| 45 | 280.ea0: Size: 0x2a2638
|
|---|
| 46 | 280.ea0: NT Headers: 0xf0
|
|---|
| 47 | 280.ea0: Timestamp: 0x7083db20
|
|---|
| 48 | 280.ea0: Machine: 0x8664 - amd64
|
|---|
| 49 | 280.ea0: Timestamp: 0x7083db20
|
|---|
| 50 | 280.ea0: Image Version: 10.0
|
|---|
| 51 | 280.ea0: SizeOfImage: 0x2a3000 (2764800)
|
|---|
| 52 | 280.ea0: Resource Dir: 0x27d000 LB 0x548
|
|---|
| 53 | 280.ea0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 54 | 280.ea0: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
|
|---|
| 55 | 280.ea0: ProductName: Microsoft® Windows® Operating System
|
|---|
| 56 | 280.ea0: ProductVersion: 10.0.18362.356
|
|---|
| 57 | 280.ea0: FileVersion: 10.0.18362.356 (WinBuild.160101.0800)
|
|---|
| 58 | 280.ea0: FileDescription: Windows NT BASE API Client DLL
|
|---|
| 59 | 280.ea0: \SystemRoot\System32\apisetschema.dll:
|
|---|
| 60 | 280.ea0: CreationTime: 2019-03-19T04:43:54.837151500Z
|
|---|
| 61 | 280.ea0: LastWriteTime: 2019-03-19T04:43:54.837151500Z
|
|---|
| 62 | 280.ea0: ChangeTime: 2019-09-19T02:14:30.849753500Z
|
|---|
| 63 | 280.ea0: FileAttributes: 0x20
|
|---|
| 64 | 280.ea0: Size: 0x1d028
|
|---|
| 65 | 280.ea0: NT Headers: 0xc8
|
|---|
| 66 | 280.ea0: Timestamp: 0xd6ced080
|
|---|
| 67 | 280.ea0: Machine: 0x8664 - amd64
|
|---|
| 68 | 280.ea0: Timestamp: 0xd6ced080
|
|---|
| 69 | 280.ea0: Image Version: 10.0
|
|---|
| 70 | 280.ea0: SizeOfImage: 0x1e000 (122880)
|
|---|
| 71 | 280.ea0: Resource Dir: 0x1d000 LB 0x408
|
|---|
| 72 | 280.ea0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
|
|---|
| 73 | 280.ea0: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
|
|---|
| 74 | 280.ea0: ProductName: Microsoft® Windows® Operating System
|
|---|
| 75 | 280.ea0: ProductVersion: 10.0.18362.1
|
|---|
| 76 | 280.ea0: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
|
|---|
| 77 | 280.ea0: FileDescription: ApiSet Schema DLL
|
|---|
| 78 | 280.ea0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
|
|---|
| 79 | 280.ea0: supR3HardenedWinFindAdversaries: 0x0
|
|---|
| 80 | 280.ea0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
|
|---|
| 81 | 280.ea0: Calling main()
|
|---|
| 82 | 280.ea0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
|
|---|
| 83 | 280.ea0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
|
|---|
| 84 | 280.ea0: SUPR3HardenedMain: Respawn #1
|
|---|
| 85 | 280.ea0: System32: \Device\HarddiskVolume7\Windows\System32
|
|---|
| 86 | 280.ea0: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
|
|---|
| 87 | 280.ea0: KnownDllPath: C:\Windows\System32
|
|---|
| 88 | 280.ea0: supR3HardenedWinInit: Performing a limited self purification...
|
|---|
| 89 | 280.ea0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
|
|---|
| 90 | 280.ea0: *0000000000000000-00000000008bffff 0x0001/0x0000 0x0000000
|
|---|
| 91 | 280.ea0: *00000000008c0000-00000000008cffff 0x0004/0x0004 0x0040000
|
|---|
| 92 | 280.ea0: 00000000008d0000-00000000008dffff 0x0001/0x0000 0x0000000
|
|---|
| 93 | 280.ea0: *00000000008e0000-00000000008fafff 0x0002/0x0002 0x0040000
|
|---|
| 94 | 280.ea0: 00000000008fb000-00000000008fffff 0x0001/0x0000 0x0000000
|
|---|
| 95 | 280.ea0: *0000000000900000-00000000009b8fff 0x0000/0x0004 0x0020000
|
|---|
| 96 | 280.ea0: 00000000009b9000-00000000009bbfff 0x0104/0x0004 0x0020000
|
|---|
| 97 | 280.ea0: 00000000009bc000-00000000009fffff 0x0004/0x0004 0x0020000
|
|---|
| 98 | 280.ea0: *0000000000a00000-0000000000a26fff 0x0000/0x0004 0x0020000
|
|---|
| 99 | 280.ea0: 0000000000a27000-0000000000a29fff 0x0004/0x0004 0x0020000
|
|---|
| 100 | 280.ea0: 0000000000a2a000-0000000000bfffff 0x0000/0x0004 0x0020000
|
|---|
| 101 | 280.ea0: *0000000000c00000-0000000000c03fff 0x0002/0x0002 0x0040000
|
|---|
| 102 | 280.ea0: 0000000000c04000-0000000000c0ffff 0x0001/0x0000 0x0000000
|
|---|
| 103 | 280.ea0: *0000000000c10000-0000000000c11fff 0x0004/0x0004 0x0020000
|
|---|
| 104 | 280.ea0: 0000000000c12000-0000000000c1ffff 0x0001/0x0000 0x0000000
|
|---|
| 105 | 280.ea0: *0000000000c20000-0000000000ce6fff 0x0002/0x0002 0x0040000
|
|---|
| 106 | 280.ea0: 0000000000ce7000-0000000000ceffff 0x0001/0x0000 0x0000000
|
|---|
| 107 | 280.ea0: *0000000000cf0000-0000000000cf1fff 0x0004/0x0004 0x0020000
|
|---|
| 108 | 280.ea0: 0000000000cf2000-0000000000d09fff 0x0000/0x0004 0x0020000
|
|---|
| 109 | 280.ea0: 0000000000d0a000-0000000000d9ffff 0x0001/0x0000 0x0000000
|
|---|
| 110 | 280.ea0: *0000000000da0000-0000000000da4fff 0x0004/0x0004 0x0020000
|
|---|
| 111 | 280.ea0: 0000000000da5000-0000000000e9ffff 0x0000/0x0004 0x0020000
|
|---|
| 112 | 280.ea0: *0000000000ea0000-0000000000ebcfff 0x0004/0x0004 0x0020000
|
|---|
| 113 | 280.ea0: 0000000000ebd000-0000000000f9ffff 0x0000/0x0004 0x0020000
|
|---|
| 114 | 280.ea0: 0000000000fa0000-000000000102ffff 0x0001/0x0000 0x0000000
|
|---|
| 115 | 280.ea0: *0000000001030000-000000000103efff 0x0004/0x0004 0x0020000
|
|---|
| 116 | 280.ea0: 000000000103f000-000000000103ffff 0x0000/0x0004 0x0020000
|
|---|
| 117 | 280.ea0: *0000000001040000-000000000104cfff 0x0000/0x0004 0x0020000
|
|---|
| 118 | 280.ea0: 000000000104d000-000000000123dfff 0x0004/0x0004 0x0020000
|
|---|
| 119 | 280.ea0: 000000000123e000-000000000123efff 0x0000/0x0004 0x0020000
|
|---|
| 120 | 280.ea0: 000000000123f000-000000007ffdffff 0x0001/0x0000 0x0000000
|
|---|
| 121 | 280.ea0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
|
|---|
| 122 | 280.ea0: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000
|
|---|
| 123 | 280.ea0: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000
|
|---|
| 124 | 280.ea0: 000000007ffe3000-00007ff42289ffff 0x0001/0x0000 0x0000000
|
|---|
| 125 | 280.ea0: *00007ff4228a0000-00007ff4228a4fff 0x0002/0x0002 0x0040000
|
|---|
| 126 | 280.ea0: 00007ff4228a5000-00007ff42299ffff 0x0000/0x0002 0x0040000
|
|---|
| 127 | 280.ea0: *00007ff4229a0000-00007ff5229bffff 0x0000/0x0004 0x0020000
|
|---|
| 128 | 280.ea0: *00007ff5229c0000-00007ff5249bffff 0x0000/0x0004 0x0020000
|
|---|
| 129 | 280.ea0: 00007ff5249c0000-00007ff5249c0fff 0x0004/0x0004 0x0020000
|
|---|
| 130 | 280.ea0: 00007ff5249c1000-00007ff5249cffff 0x0001/0x0000 0x0000000
|
|---|
| 131 | 280.ea0: *00007ff5249d0000-00007ff5249d0fff 0x0002/0x0002 0x0040000
|
|---|
| 132 | 280.ea0: 00007ff5249d1000-00007ff5249dffff 0x0001/0x0000 0x0000000
|
|---|
| 133 | 280.ea0: *00007ff5249e0000-00007ff524a02fff 0x0002/0x0002 0x0040000
|
|---|
| 134 | 280.ea0: 00007ff524a03000-00007ff610a0ffff 0x0001/0x0000 0x0000000
|
|---|
| 135 | 280.ea0: *00007ff610a10000-00007ff610a10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 136 | 280.ea0: 00007ff610a11000-00007ff610a82fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 137 | 280.ea0: 00007ff610a83000-00007ff610a83fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 138 | 280.ea0: 00007ff610a84000-00007ff610acafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 139 | 280.ea0: 00007ff610acb000-00007ff610acdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 140 | 280.ea0: 00007ff610ace000-00007ff610ad0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 141 | 280.ea0: 00007ff610ad1000-00007ff610ad3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 142 | 280.ea0: 00007ff610ad4000-00007ff610ad4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 143 | 280.ea0: 00007ff610ad5000-00007ff610ad6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 144 | 280.ea0: 00007ff610ad7000-00007ff610ad7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 145 | 280.ea0: 00007ff610ad8000-00007ff610b1ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 146 | 280.ea0: 00007ff610b20000-00007ffaaca1ffff 0x0001/0x0000 0x0000000
|
|---|
| 147 | 280.ea0: *00007ffaaca20000-00007ffaaca20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
|
|---|
| 148 | 280.ea0: 00007ffaaca21000-00007ffaacb25fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
|
|---|
| 149 | 280.ea0: 00007ffaacb26000-00007ffaacc87fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
|
|---|
| 150 | 280.ea0: 00007ffaacc88000-00007ffaacc8bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
|
|---|
| 151 | 280.ea0: 00007ffaacc8c000-00007ffaacc8cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
|
|---|
| 152 | 280.ea0: 00007ffaacc8d000-00007ffaaccc2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
|
|---|
| 153 | 280.ea0: 00007ffaaccc3000-00007ffaaf26ffff 0x0001/0x0000 0x0000000
|
|---|
| 154 | 280.ea0: *00007ffaaf270000-00007ffaaf270fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
|
|---|
| 155 | 280.ea0: 00007ffaaf271000-00007ffaaf2e5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
|
|---|
| 156 | 280.ea0: 00007ffaaf2e6000-00007ffaaf317fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
|
|---|
| 157 | 280.ea0: 00007ffaaf318000-00007ffaaf318fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
|
|---|
| 158 | 280.ea0: 00007ffaaf319000-00007ffaaf319fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
|
|---|
| 159 | 280.ea0: 00007ffaaf31a000-00007ffaaf321fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
|
|---|
| 160 | 280.ea0: 00007ffaaf322000-00007ffaaf6dffff 0x0001/0x0000 0x0000000
|
|---|
| 161 | 280.ea0: *00007ffaaf6e0000-00007ffaaf6e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 162 | 280.ea0: 00007ffaaf6e1000-00007ffaaf7f7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 163 | 280.ea0: 00007ffaaf7f8000-00007ffaaf83efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 164 | 280.ea0: 00007ffaaf83f000-00007ffaaf83ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 165 | 280.ea0: 00007ffaaf840000-00007ffaaf841fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 166 | 280.ea0: 00007ffaaf842000-00007ffaaf84afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 167 | 280.ea0: 00007ffaaf84b000-00007ffaaf8cffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 168 | 280.ea0: 00007ffaaf8d0000-00007ffffffeffff 0x0001/0x0000 0x0000000
|
|---|
| 169 | 280.ea0: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
|
|---|
| 170 | 280.ea0: kernelbase.dll: timestamp 0x7083db20 (rc=VINF_SUCCESS)
|
|---|
| 171 | 280.ea0: VirtualBox.exe: timestamp 0x5d7f5b47 (rc=VINF_SUCCESS)
|
|---|
| 172 | 280.ea0: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 173 | 280.ea0: '\Device\HarddiskVolume7\Windows\System32\ntdll.dll' has no imports
|
|---|
| 174 | 280.ea0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
|
|---|
| 175 | 280.ea0: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 176 | 280.ea0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe)
|
|---|
| 177 | 280.ea0: supR3HardNtEnableThreadCreationEx:
|
|---|
| 178 | 280.ea0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffaaf751800 pvNtTerminateThread=00007ffaaf77cb20
|
|---|
| 179 | 280.ea0: supR3HardenedWinDoReSpawn(1): New child 22d8.1668 [kernel32].
|
|---|
| 180 | 280.ea0: supR3HardNtChildGatherData: PebBaseAddress=0000000000918000 cbPeb=0x388
|
|---|
| 181 | 280.ea0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffaaf6e0000 uNtDllChildAddr=00007ffaaf6e0000
|
|---|
| 182 | 280.ea0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffaaf751800
|
|---|
| 183 | 280.ea0: supR3HardenedWinSetupChildInit: Start child.
|
|---|
| 184 | 280.ea0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
|
|---|
| 185 | 280.ea0: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 16 sleeps
|
|---|
| 186 | 280.ea0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
|
|---|
| 187 | 280.ea0: *0000000000000000-000000000062ffff 0x0001/0x0000 0x0000000
|
|---|
| 188 | 280.ea0: *0000000000630000-000000000064ffff 0x0004/0x0004 0x0020000
|
|---|
| 189 | 280.ea0: *0000000000650000-000000000066afff 0x0002/0x0002 0x0040000
|
|---|
| 190 | 280.ea0: 000000000066b000-000000000066ffff 0x0001/0x0000 0x0000000
|
|---|
| 191 | 280.ea0: *0000000000670000-000000000076afff 0x0000/0x0004 0x0020000
|
|---|
| 192 | 280.ea0: 000000000076b000-000000000076dfff 0x0104/0x0004 0x0020000
|
|---|
| 193 | 280.ea0: 000000000076e000-000000000076ffff 0x0004/0x0004 0x0020000
|
|---|
| 194 | 280.ea0: *0000000000770000-0000000000773fff 0x0002/0x0002 0x0040000
|
|---|
| 195 | 280.ea0: 0000000000774000-000000000077ffff 0x0001/0x0000 0x0000000
|
|---|
| 196 | 280.ea0: *0000000000780000-0000000000781fff 0x0004/0x0004 0x0020000
|
|---|
| 197 | 280.ea0: 0000000000782000-00000000007fffff 0x0001/0x0000 0x0000000
|
|---|
| 198 | 280.ea0: *0000000000800000-0000000000917fff 0x0000/0x0004 0x0020000
|
|---|
| 199 | 280.ea0: 0000000000918000-000000000091afff 0x0004/0x0004 0x0020000
|
|---|
| 200 | 280.ea0: 000000000091b000-00000000009fffff 0x0000/0x0004 0x0020000
|
|---|
| 201 | 280.ea0: 0000000000a00000-000000007ffdffff 0x0001/0x0000 0x0000000
|
|---|
| 202 | 280.ea0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
|
|---|
| 203 | 280.ea0: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000
|
|---|
| 204 | 280.ea0: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000
|
|---|
| 205 | 280.ea0: 000000007ffe3000-00007ff5aa9dffff 0x0001/0x0000 0x0000000
|
|---|
| 206 | 280.ea0: *00007ff5aa9e0000-00007ff5aa9e0fff 0x0002/0x0002 0x0040000
|
|---|
| 207 | 280.ea0: 00007ff5aa9e1000-00007ff5aa9effff 0x0001/0x0000 0x0000000
|
|---|
| 208 | 280.ea0: *00007ff5aa9f0000-00007ff5aaa12fff 0x0002/0x0002 0x0040000
|
|---|
| 209 | 280.ea0: 00007ff5aaa13000-00007ff610a0ffff 0x0001/0x0000 0x0000000
|
|---|
| 210 | 280.ea0: *00007ff610a10000-00007ff610a10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 211 | 280.ea0: 00007ff610a11000-00007ff610a82fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 212 | 280.ea0: 00007ff610a83000-00007ff610a83fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 213 | 280.ea0: 00007ff610a84000-00007ff610acafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 214 | 280.ea0: 00007ff610acb000-00007ff610acbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 215 | 280.ea0: 00007ff610acc000-00007ff610accfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 216 | 280.ea0: 00007ff610acd000-00007ff610ad1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 217 | 280.ea0: 00007ff610ad2000-00007ff610ad2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 218 | 280.ea0: 00007ff610ad3000-00007ff610ad3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 219 | 280.ea0: 00007ff610ad4000-00007ff610ad7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 220 | 280.ea0: 00007ff610ad8000-00007ff610b1ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 221 | 280.ea0: 00007ff610b20000-00007ffaaf6dffff 0x0001/0x0000 0x0000000
|
|---|
| 222 | 280.ea0: *00007ffaaf6e0000-00007ffaaf6e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 223 | 280.ea0: 00007ffaaf6e1000-00007ffaaf7f7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 224 | 280.ea0: 00007ffaaf7f8000-00007ffaaf83efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 225 | 280.ea0: 00007ffaaf83f000-00007ffaaf84afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 226 | 280.ea0: 00007ffaaf84b000-00007ffaaf859fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 227 | 280.ea0: 00007ffaaf85a000-00007ffaaf85afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 228 | 280.ea0: 00007ffaaf85b000-00007ffaaf85dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 229 | 280.ea0: 00007ffaaf85e000-00007ffaaf8cffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
|
|---|
| 230 | 280.ea0: 00007ffaaf8d0000-00007ffffffeffff 0x0001/0x0000 0x0000000
|
|---|
| 231 | 280.ea0: supR3HardNtChildPurify: Done after 265 ms and 0 fixes (loop #0).
|
|---|
| 232 | 22d8.1668: Log file opened: 5.2.33r133385 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
|
|---|
| 233 | 22d8.1668: supR3HardenedVmProcessInit: uNtDllAddr=00007ffaaf6e0000 g_uNtVerCombined=0xa047ba00
|
|---|
| 234 | 22d8.1668: ntdll.dll: timestamp 0xf24fc044 (rc=VINF_SUCCESS)
|
|---|
| 235 | 22d8.1668: New simple heap: #1 0000000000b00000 LB 0x400000 (for 2031616 allocation)
|
|---|
| 236 | 280.ea0: supR3HardNtEnableThreadCreationEx:
|
|---|
| 237 | 22d8.1668: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
|
|---|
| 238 | 22d8.1668: System32: \Device\HarddiskVolume7\Windows\System32
|
|---|
| 239 | 22d8.1668: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
|
|---|
| 240 | 22d8.1668: KnownDllPath: C:\Windows\System32
|
|---|
| 241 | 22d8.1668: supR3HardenedVmProcessInit: Opening vboxdrv stub...
|
|---|
| 242 | 22d8.1668: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
|
|---|
| 243 | 22d8.1668: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
|
|---|
| 244 | 22d8.1668: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
|
|---|
| 245 | 22d8.1668: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
|
|---|
| 246 |
|
|---|
| 247 | Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
|
|---|
| 248 | 280.ea0: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
|
|---|
| 249 |
|
|---|
| 250 | Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
|
|---|
| 251 | 280.ea0: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
|
|---|
| 252 | 280.ea0: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
|
|---|
| 253 |
|
|---|
| 254 | Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
|
|---|