
VBOXHardening.log

Guest on 15th July 2022 09:58:27 PM

  1. 3e38.4930: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000084 g_uNtVerCombined=0xa04a6300
  2. 3e38.4930: \SystemRoot\System32\ntdll.dll:
  3. 3e38.4930:     CreationTime:    2022-07-14T21:44:11.807552400Z
  4. 3e38.4930:     LastWriteTime:   2022-07-14T21:44:11.846588200Z
  5. 3e38.4930:     ChangeTime:      2022-07-14T23:47:12.776537900Z
  6. 3e38.4930:     FileAttributes:  0x20
  7. 3e38.4930:     Size:            0x1ef3a8
  8. 3e38.4930:     NT Headers:      0xe8
  9. 3e38.4930:     Timestamp:       0x1000a5b9
  10. 3e38.4930:     Machine:         0x8664 - amd64
  11. 3e38.4930:     Timestamp:       0x1000a5b9
  12. 3e38.4930:     Image Version:   10.0
  13. 3e38.4930:     SizeOfImage:     0x1f8000 (2064384)
  14. 3e38.4930:     Resource Dir:    0x186000 LB 0x700a0
  15. 3e38.4930:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
  16. 3e38.4930:     [Raw version resource data: 0x1860f0 LB 0x380, codepage 0x0 (reserved 0x0)]
  17. 3e38.4930:     ProductName:     Microsoft® Windows® Operating System
  18. 3e38.4930:     ProductVersion:  10.0.19041.1806
  19. 3e38.4930:     FileVersion:     10.0.19041.1806 (WinBuild.160101.0800)
  20. 3e38.4930:     FileDescription: NT Layer DLL
  21. 3e38.4930: \SystemRoot\System32\kernel32.dll:
  22. 3e38.4930:     CreationTime:    2022-07-14T21:44:16.824617400Z
  23. 3e38.4930:     LastWriteTime:   2022-07-14T21:44:16.841633000Z
  24. 3e38.4930:     ChangeTime:      2022-07-14T23:47:09.588797400Z
  25. 3e38.4930:     FileAttributes:  0x20
  26. 3e38.4930:     Size:            0xbb058
  27. 3e38.4930:     NT Headers:      0xe8
  28. 3e38.4930:     Timestamp:       0x4d6d72d1
  29. 3e38.4930:     Machine:         0x8664 - amd64
  30. 3e38.4930:     Timestamp:       0x4d6d72d1
  31. 3e38.4930:     Image Version:   10.0
  32. 3e38.4930:     SizeOfImage:     0xbd000 (774144)
  33. 3e38.4930:     Resource Dir:    0xbb000 LB 0x520
  34. 3e38.4930:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
  35. 3e38.4930:     [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
  36. 3e38.4930:     ProductName:     Microsoft® Windows® Operating System
  37. 3e38.4930:     ProductVersion:  10.0.19041.1806
  38. 3e38.4930:     FileVersion:     10.0.19041.1806 (WinBuild.160101.0800)
  39. 3e38.4930:     FileDescription: Windows NT BASE API Client DLL
  40. 3e38.4930: \SystemRoot\System32\KernelBase.dll:
  41. 3e38.4930:     CreationTime:    2022-07-14T21:44:12.409099000Z
  42. 3e38.4930:     LastWriteTime:   2022-07-14T21:44:12.480163300Z
  43. 3e38.4930:     ChangeTime:      2022-07-14T23:47:12.073360500Z
  44. 3e38.4930:     FileAttributes:  0x20
  45. 3e38.4930:     Size:            0x2d0058
  46. 3e38.4930:     NT Headers:      0x100
  47. 3e38.4930:     Timestamp:       0x299341e8
  48. 3e38.4930:     Machine:         0x8664 - amd64
  49. 3e38.4930:     Timestamp:       0x299341e8
  50. 3e38.4930:     Image Version:   10.0
  51. 3e38.4930:     SizeOfImage:     0x2ce000 (2940928)
  52. 3e38.4930:     Resource Dir:    0x2a5000 LB 0x548
  53. 3e38.4930:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
  54. 3e38.4930:     [Raw version resource data: 0x2a50b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
  55. 3e38.4930:     ProductName:     Microsoft® Windows® Operating System
  56. 3e38.4930:     ProductVersion:  10.0.19041.1826
  57. 3e38.4930:     FileVersion:     10.0.19041.1826 (WinBuild.160101.0800)
  58. 3e38.4930:     FileDescription: Windows NT BASE API Client DLL
  59. 3e38.4930: \SystemRoot\System32\apisetschema.dll:
  60. 3e38.4930:     CreationTime:    2019-12-07T09:08:13.518339400Z
  61. 3e38.4930:     LastWriteTime:   2019-12-07T09:08:13.518339400Z
  62. 3e38.4930:     ChangeTime:      2022-07-14T21:44:59.119589800Z
  63. 3e38.4930:     FileAttributes:  0x20
  64. 3e38.4930:     Size:            0x1f538
  65. 3e38.4930:     NT Headers:      0xd0
  66. 3e38.4930:     Timestamp:       0x31288ce0
  67. 3e38.4930:     Machine:         0x8664 - amd64
  68. 3e38.4930:     Timestamp:       0x31288ce0
  69. 3e38.4930:     Image Version:   10.0
  70. 3e38.4930:     SizeOfImage:     0x20000 (131072)
  71. 3e38.4930:     Resource Dir:    0x1f000 LB 0x408
  72. 3e38.4930:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
  73. 3e38.4930:     [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
  74. 3e38.4930:     ProductName:     Microsoft® Windows® Operating System
  75. 3e38.4930:     ProductVersion:  10.0.19041.1
  76. 3e38.4930:     FileVersion:     10.0.19041.1 (WinBuild.160101.0800)
  77. 3e38.4930:     FileDescription: ApiSet Schema DLL
  78. 3e38.4930: NtOpenDirectoryObject failed on \Driver: 0xc0000022
  79. 3e38.4930: supR3HardenedWinFindAdversaries: 0x0
  80. 3e38.4930: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume6'
  81. 3e38.4930: Calling main()
  82. 3e38.4930: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
  83. 3e38.4930: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume6'
  84. 3e38.4930: SUPR3HardenedMain: Respawn #1
  85. 3e38.4930: System32:  \Device\HarddiskVolume6\Windows\System32
  86. 3e38.4930: WinSxS:    \Device\HarddiskVolume6\Windows\WinSxS
  87. 3e38.4930: KnownDllPath: C:\WINDOWS\System32
  88. 3e38.4930: supR3HardenedWinInit: Performing a limited self purification...
  89. 3e38.4930: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
  174. 3e38.4930: kernel32.dll: timestamp 0x4d6d72d1 (rc=VINF_SUCCESS)
  175. 3e38.4930: kernelbase.dll: timestamp 0x299341e8 (rc=VINF_SUCCESS)
  176. 3e38.4930: VirtualBoxVM.exe: timestamp 0x623a5dfe (rc=VINF_SUCCESS)
  177. 3e38.4930: \Device\HarddiskVolume6\VirtualBoxVM.exe: Signature #1/2: info status: 24202
  178. 3e38.4930: '\Device\HarddiskVolume6\VirtualBoxVM.exe' has no imports
  179. 3e38.4930: '\Device\HarddiskVolume6\Windows\System32\ntdll.dll' has no imports
  180. 3e38.4930: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
  181. 3e38.4930: \Device\HarddiskVolume6\VirtualBoxVM.exe: Signature #1/2: info status: 24202
  182. 3e38.4930: '\Device\HarddiskVolume6\VirtualBoxVM.exe' has no imports
  183. 3e38.4930: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume6\VirtualBoxVM.exe)
  184. 3e38.4930: supR3HardNtEnableThreadCreationEx:
  185. 3e38.4930: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb436c4b00 pvNtTerminateThread=00007ffb436ed990
  186. 3e38.4930: supR3HardenedWinDoReSpawn(1): New child 56b0.135c [kernel32].
  187. 3e38.4930: supR3HardNtChildGatherData: PebBaseAddress=000000000065e000 cbPeb=0x388
  188. 3e38.4930: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb43650000 uNtDllChildAddr=00007ffb43650000
  189. 3e38.4930: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb436c4b00
  190. 3e38.4930: supR3HardenedWinSetupChildInit: Initial context:
  191.   rax=0000000000000000 rbx=0000000000000000 rcx=00007ff755aa7900 rdx=000000000065e000
  192.   rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
  193.   r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  194.   r14=0000000000000000 r15=0000000000000000  P1=0000000000000000  P2=0000000000000000
  195.   rip=00007ffb436a2630 rsp=00000000008ff938 rbp=0000000000000000    ctxflags=0010001b
  196.   cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000    eflags=00000200   mxcrx=00001f80
  197.    P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
  198.   dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
  199.   dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
  200.   lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
  201. 3e38.4930: supR3HardenedWinSetupChildInit: Start child.
  202. 3e38.4930: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
  203. 3e38.4930: supR3HardNtChildPurify: Startup delay kludge #1/0: 268 ms, 17 sleeps
  204. 3e38.4930: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
  249. 3e38.4930: supR3HardNtChildPurify: Done after 270 ms and 0 fixes (loop #0).
  250. 56b0.135c: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6300
  251. 56b0.135c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffb43650000 g_uNtVerCombined=0xa04a6300 (stack ~00000000008ff3c8)
  252. 56b0.135c: ntdll.dll: timestamp 0x1000a5b9 (rc=VINF_SUCCESS)
  253. 56b0.135c: New simple heap: #1 0000000000a00000 LB 0x400000 (for 2064384 allocation)
  254. 3e38.4930: supR3HardNtEnableThreadCreationEx:
  255. 56b0.135c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume6'
  256. 56b0.135c: System32:  \Device\HarddiskVolume6\Windows\System32
  257. 56b0.135c: WinSxS:    \Device\HarddiskVolume6\Windows\WinSxS
  258. 56b0.135c: KnownDllPath: C:\WINDOWS\System32
  259. 56b0.135c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
  260. 56b0.135c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
  261. 56b0.135c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
  262. 56b0.135c: Registered Dll notification callback with NTDLL.
  263. 56b0.135c: \Device\HarddiskVolume6\Windows\System32\kernel32.dll: Signature #1/1: VERR_SUP_VP_NOT_VALID_KERNEL_CODE_SIGNATURE (-5659) w/ timestamp=0x4d6d72d1/link.
  264. 56b0.135c: supHardenedWinVerifyImageByHandle: -> -5659 (\Device\HarddiskVolume6\Windows\System32\kernel32.dll)
  265. 56b0.135c: Error (rc=0):
  266. 56b0.135c: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5659 (0xffffe9e5) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume6\Windows\System32\kernel32.dll: Signature #1/1: Not valid kernel code signature.: \Device\HarddiskVolume6\Windows\System32\kernel32.dll
  267. 56b0.135c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume6\Windows\System32\kernel32.dll
  268. 56b0.135c: Error (rc=0):
  269. 56b0.135c: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\WINDOWS\System32\KERNEL32.DLL': rcNt=0xc0000190
  270. 56b0.135c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\WINDOWS\System32\KERNEL32.DLL'
  271. 3e38.4930: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000190 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 46 ms, Close
