3e38.4930: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000084 g_uNtVerCombined=0xa04a6300 3e38.4930: \SystemRoot\System32\ntdll.dll: 3e38.4930: CreationTime: 2022-07-14T21:44:11.807552400Z 3e38.4930: LastWriteTime: 2022-07-14T21:44:11.846588200Z 3e38.4930: ChangeTime: 2022-07-14T23:47:12.776537900Z 3e38.4930: FileAttributes: 0x20 3e38.4930: Size: 0x1ef3a8 3e38.4930: NT Headers: 0xe8 3e38.4930: Timestamp: 0x1000a5b9 3e38.4930: Machine: 0x8664 - amd64 3e38.4930: Timestamp: 0x1000a5b9 3e38.4930: Image Version: 10.0 3e38.4930: SizeOfImage: 0x1f8000 (2064384) 3e38.4930: Resource Dir: 0x186000 LB 0x700a0 3e38.4930: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 3e38.4930: [Raw version resource data: 0x1860f0 LB 0x380, codepage 0x0 (reserved 0x0)] 3e38.4930: ProductName: Microsoft® Windows® Operating System 3e38.4930: ProductVersion: 10.0.19041.1806 3e38.4930: FileVersion: 10.0.19041.1806 (WinBuild.160101.0800) 3e38.4930: FileDescription: NT Layer DLL 3e38.4930: \SystemRoot\System32\kernel32.dll: 3e38.4930: CreationTime: 2022-07-14T21:44:16.824617400Z 3e38.4930: LastWriteTime: 2022-07-14T21:44:16.841633000Z 3e38.4930: ChangeTime: 2022-07-14T23:47:09.588797400Z 3e38.4930: FileAttributes: 0x20 3e38.4930: Size: 0xbb058 3e38.4930: NT Headers: 0xe8 3e38.4930: Timestamp: 0x4d6d72d1 3e38.4930: Machine: 0x8664 - amd64 3e38.4930: Timestamp: 0x4d6d72d1 3e38.4930: Image Version: 10.0 3e38.4930: SizeOfImage: 0xbd000 (774144) 3e38.4930: Resource Dir: 0xbb000 LB 0x520 3e38.4930: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 3e38.4930: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 3e38.4930: ProductName: Microsoft® Windows® Operating System 3e38.4930: ProductVersion: 10.0.19041.1806 3e38.4930: FileVersion: 10.0.19041.1806 (WinBuild.160101.0800) 3e38.4930: FileDescription: Windows NT BASE API Client DLL 3e38.4930: \SystemRoot\System32\KernelBase.dll: 3e38.4930: CreationTime: 2022-07-14T21:44:12.409099000Z 3e38.4930: LastWriteTime: 2022-07-14T21:44:12.480163300Z 3e38.4930: ChangeTime: 2022-07-14T23:47:12.073360500Z 3e38.4930: FileAttributes: 0x20 3e38.4930: Size: 0x2d0058 3e38.4930: NT Headers: 0x100 3e38.4930: Timestamp: 0x299341e8 3e38.4930: Machine: 0x8664 - amd64 3e38.4930: Timestamp: 0x299341e8 3e38.4930: Image Version: 10.0 3e38.4930: SizeOfImage: 0x2ce000 (2940928) 3e38.4930: Resource Dir: 0x2a5000 LB 0x548 3e38.4930: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 3e38.4930: [Raw version resource data: 0x2a50b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 3e38.4930: ProductName: Microsoft® Windows® Operating System 3e38.4930: ProductVersion: 10.0.19041.1826 3e38.4930: FileVersion: 10.0.19041.1826 (WinBuild.160101.0800) 3e38.4930: FileDescription: Windows NT BASE API Client DLL 3e38.4930: \SystemRoot\System32\apisetschema.dll: 3e38.4930: CreationTime: 2019-12-07T09:08:13.518339400Z 3e38.4930: LastWriteTime: 2019-12-07T09:08:13.518339400Z 3e38.4930: ChangeTime: 2022-07-14T21:44:59.119589800Z 3e38.4930: FileAttributes: 0x20 3e38.4930: Size: 0x1f538 3e38.4930: NT Headers: 0xd0 3e38.4930: Timestamp: 0x31288ce0 3e38.4930: Machine: 0x8664 - amd64 3e38.4930: Timestamp: 0x31288ce0 3e38.4930: Image Version: 10.0 3e38.4930: SizeOfImage: 0x20000 (131072) 3e38.4930: Resource Dir: 0x1f000 LB 0x408 3e38.4930: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 3e38.4930: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 3e38.4930: ProductName: Microsoft® Windows® Operating System 3e38.4930: ProductVersion: 10.0.19041.1 3e38.4930: FileVersion: 10.0.19041.1 (WinBuild.160101.0800) 3e38.4930: FileDescription: ApiSet Schema DLL 3e38.4930: NtOpenDirectoryObject failed on \Driver: 0xc0000022 3e38.4930: supR3HardenedWinFindAdversaries: 0x0 3e38.4930: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume6' 3e38.4930: Calling main() 3e38.4930: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2 3e38.4930: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume6' 3e38.4930: SUPR3HardenedMain: Respawn #1 3e38.4930: System32: \Device\HarddiskVolume6\Windows\System32 3e38.4930: WinSxS: \Device\HarddiskVolume6\Windows\WinSxS 3e38.4930: KnownDllPath: C:\WINDOWS\System32 3e38.4930: supR3HardenedWinInit: Performing a limited self purification... 3e38.4930: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION 3e38.4930: *0000000000000000-00000000003bffff 0x0001/0x0000 0x0000000 3e38.4930: *00000000003c0000-00000000003c0fff 0x0002/0x0002 0x0040000 3e38.4930: 00000000003c1000-00000000003cffff 0x0001/0x0000 0x0000000 3e38.4930: *00000000003d0000-00000000003d0fff 0x0002/0x0002 0x0040000 3e38.4930: 00000000003d1000-00000000003dffff 0x0001/0x0000 0x0000000 3e38.4930: *00000000003e0000-00000000003fcfff 0x0002/0x0002 0x0040000 3e38.4930: 00000000003fd000-00000000003fffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000400000-00000000005a1fff 0x0000/0x0004 0x0020000 3e38.4930: 00000000005a2000-00000000005a4fff 0x0004/0x0004 0x0020000 3e38.4930: 00000000005a5000-00000000005fffff 0x0000/0x0004 0x0020000 3e38.4930: *0000000000600000-00000000006b8fff 0x0000/0x0004 0x0020000 3e38.4930: 00000000006b9000-00000000006bbfff 0x0104/0x0004 0x0020000 3e38.4930: 00000000006bc000-00000000006fffff 0x0004/0x0004 0x0020000 3e38.4930: *0000000000700000-0000000000703fff 0x0002/0x0002 0x0040000 3e38.4930: 0000000000704000-000000000070ffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000710000-0000000000711fff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000712000-000000000071ffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000720000-0000000000720fff 0x0002/0x0002 0x0040000 3e38.4930: 0000000000721000-000000000072ffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000730000-000000000073ffff 0x0004/0x0004 0x0040000 3e38.4930: *0000000000740000-0000000000808fff 0x0002/0x0002 0x0040000 3e38.4930: 0000000000809000-000000000084ffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000850000-0000000000855fff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000856000-000000000094ffff 0x0000/0x0004 0x0020000 3e38.4930: *0000000000950000-0000000000951fff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000952000-00000000009b1fff 0x0000/0x0004 0x0020000 3e38.4930: 00000000009b2000-00000000009bffff 0x0001/0x0000 0x0000000 3e38.4930: *00000000009c0000-00000000009e6fff 0x0004/0x0004 0x0020000 3e38.4930: 00000000009e7000-0000000000abffff 0x0000/0x0004 0x0020000 3e38.4930: 0000000000ac0000-0000000000acffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000ad0000-0000000000adefff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000adf000-0000000000adffff 0x0000/0x0004 0x0020000 3e38.4930: *0000000000ae0000-0000000000ae8fff 0x0000/0x0004 0x0020000 3e38.4930: 0000000000ae9000-0000000000ce1fff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000ce2000-0000000000ce2fff 0x0000/0x0004 0x0020000 3e38.4930: 0000000000ce3000-000000007ffdffff 0x0001/0x0000 0x0000000 3e38.4930: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 3e38.4930: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000 3e38.4930: *000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000 3e38.4930: 000000007ffe5000-00007ff49210ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff492110000-00007ff492114fff 0x0002/0x0002 0x0040000 3e38.4930: 00007ff492115000-00007ff49220ffff 0x0000/0x0002 0x0040000 3e38.4930: *00007ff492210000-00007ff59222ffff 0x0000/0x0004 0x0020000 3e38.4930: *00007ff592230000-00007ff59422ffff 0x0000/0x0004 0x0020000 3e38.4930: 00007ff594230000-00007ff594230fff 0x0004/0x0004 0x0020000 3e38.4930: 00007ff594231000-00007ff59423ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff594240000-00007ff594240fff 0x0002/0x0002 0x0040000 3e38.4930: 00007ff594241000-00007ff59424ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff594250000-00007ff594272fff 0x0002/0x0002 0x0040000 3e38.4930: 00007ff594273000-00007ff755a9ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff755aa0000-00007ff755aa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755aa1000-00007ff755b17fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b18000-00007ff755b18fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b19000-00007ff755b61fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b62000-00007ff755b64fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b65000-00007ff755b67fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b68000-00007ff755b6afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6b000-00007ff755b6bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6c000-00007ff755b6dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6e000-00007ff755b6efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6f000-00007ff755bb7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755bb8000-00007ffb40e0ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ffb40e10000-00007ffb40e10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\KernelBase.dll 3e38.4930: 00007ffb40e11000-00007ffb40f25fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\KernelBase.dll 3e38.4930: 00007ffb40f26000-00007ffb4109ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\KernelBase.dll 3e38.4930: 00007ffb410a0000-00007ffb410a3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\KernelBase.dll 3e38.4930: 00007ffb410a4000-00007ffb410a4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\KernelBase.dll 3e38.4930: 00007ffb410a5000-00007ffb410ddfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\KernelBase.dll 3e38.4930: 00007ffb410de000-00007ffb42f7ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ffb42f80000-00007ffb42f80fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\kernel32.dll 3e38.4930: 00007ffb42f81000-00007ffb42ffefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\kernel32.dll 3e38.4930: 00007ffb42fff000-00007ffb43031fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\kernel32.dll 3e38.4930: 00007ffb43032000-00007ffb43032fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\kernel32.dll 3e38.4930: 00007ffb43033000-00007ffb43033fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\kernel32.dll 3e38.4930: 00007ffb43034000-00007ffb4303cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\kernel32.dll 3e38.4930: 00007ffb4303d000-00007ffb4364ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ffb43650000-00007ffb43650fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb43651000-00007ffb4376cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb4376d000-00007ffb437b5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437b6000-00007ffb437b6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437b7000-00007ffb437b8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437b9000-00007ffb437c1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437c2000-00007ffb43847fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb43848000-00007ffffffeffff 0x0001/0x0000 0x0000000 3e38.4930: kernel32.dll: timestamp 0x4d6d72d1 (rc=VINF_SUCCESS) 3e38.4930: kernelbase.dll: timestamp 0x299341e8 (rc=VINF_SUCCESS) 3e38.4930: VirtualBoxVM.exe: timestamp 0x623a5dfe (rc=VINF_SUCCESS) 3e38.4930: \Device\HarddiskVolume6\VirtualBoxVM.exe: Signature #1/2: info status: 24202 3e38.4930: '\Device\HarddiskVolume6\VirtualBoxVM.exe' has no imports 3e38.4930: '\Device\HarddiskVolume6\Windows\System32\ntdll.dll' has no imports 3e38.4930: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0 3e38.4930: \Device\HarddiskVolume6\VirtualBoxVM.exe: Signature #1/2: info status: 24202 3e38.4930: '\Device\HarddiskVolume6\VirtualBoxVM.exe' has no imports 3e38.4930: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume6\VirtualBoxVM.exe) 3e38.4930: supR3HardNtEnableThreadCreationEx: 3e38.4930: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb436c4b00 pvNtTerminateThread=00007ffb436ed990 3e38.4930: supR3HardenedWinDoReSpawn(1): New child 56b0.135c [kernel32]. 3e38.4930: supR3HardNtChildGatherData: PebBaseAddress=000000000065e000 cbPeb=0x388 3e38.4930: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb43650000 uNtDllChildAddr=00007ffb43650000 3e38.4930: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb436c4b00 3e38.4930: supR3HardenedWinSetupChildInit: Initial context: rax=0000000000000000 rbx=0000000000000000 rcx=00007ff755aa7900 rdx=000000000065e000 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000 rip=00007ffb436a2630 rsp=00000000008ff938 rbp=0000000000000000 ctxflags=0010001b cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000 3e38.4930: supR3HardenedWinSetupChildInit: Start child. 3e38.4930: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms. 3e38.4930: supR3HardNtChildPurify: Startup delay kludge #1/0: 268 ms, 17 sleeps 3e38.4930: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 3e38.4930: *0000000000000000-00000000004cffff 0x0001/0x0000 0x0000000 3e38.4930: *00000000004d0000-00000000004effff 0x0004/0x0004 0x0020000 3e38.4930: *00000000004f0000-000000000050cfff 0x0002/0x0002 0x0040000 3e38.4930: 000000000050d000-000000000050ffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000510000-0000000000513fff 0x0002/0x0002 0x0040000 3e38.4930: 0000000000514000-000000000051ffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000520000-0000000000521fff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000522000-00000000005fffff 0x0001/0x0000 0x0000000 3e38.4930: *0000000000600000-000000000065dfff 0x0000/0x0004 0x0020000 3e38.4930: 000000000065e000-0000000000660fff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000661000-00000000007fffff 0x0000/0x0004 0x0020000 3e38.4930: *0000000000800000-00000000008fafff 0x0000/0x0004 0x0020000 3e38.4930: 00000000008fb000-00000000008fdfff 0x0104/0x0004 0x0020000 3e38.4930: 00000000008fe000-00000000008fffff 0x0004/0x0004 0x0020000 3e38.4930: 0000000000900000-000000007ffdffff 0x0001/0x0000 0x0000000 3e38.4930: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 3e38.4930: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000 3e38.4930: *000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000 3e38.4930: 000000007ffe5000-00007ff532c9ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff532ca0000-00007ff532ca0fff 0x0002/0x0002 0x0040000 3e38.4930: 00007ff532ca1000-00007ff532caffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff532cb0000-00007ff532cd2fff 0x0002/0x0002 0x0040000 3e38.4930: 00007ff532cd3000-00007ff755a9ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ff755aa0000-00007ff755aa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755aa1000-00007ff755b17fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b18000-00007ff755b18fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b19000-00007ff755b61fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b62000-00007ff755b62fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b63000-00007ff755b63fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b64000-00007ff755b68fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b69000-00007ff755b69fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6a000-00007ff755b6afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6b000-00007ff755b6efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755b6f000-00007ff755bb7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\VirtualBoxVM.exe 3e38.4930: 00007ff755bb8000-00007ffb4364ffff 0x0001/0x0000 0x0000000 3e38.4930: *00007ffb43650000-00007ffb43650fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb43651000-00007ffb4376cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb4376d000-00007ffb437b5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437b6000-00007ffb437c1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437c2000-00007ffb437d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437d1000-00007ffb437d1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437d2000-00007ffb437d4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb437d5000-00007ffb43847fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\Windows\System32\ntdll.dll 3e38.4930: 00007ffb43848000-00007ffffffeffff 0x0001/0x0000 0x0000000 3e38.4930: supR3HardNtChildPurify: Done after 270 ms and 0 fixes (loop #0). 56b0.135c: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6300 56b0.135c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffb43650000 g_uNtVerCombined=0xa04a6300 (stack ~00000000008ff3c8) 56b0.135c: ntdll.dll: timestamp 0x1000a5b9 (rc=VINF_SUCCESS) 56b0.135c: New simple heap: #1 0000000000a00000 LB 0x400000 (for 2064384 allocation) 3e38.4930: supR3HardNtEnableThreadCreationEx: 56b0.135c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume6' 56b0.135c: System32: \Device\HarddiskVolume6\Windows\System32 56b0.135c: WinSxS: \Device\HarddiskVolume6\Windows\WinSxS 56b0.135c: KnownDllPath: C:\WINDOWS\System32 56b0.135c: supR3HardenedVmProcessInit: Opening vboxdrv stub... 56b0.135c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk... 56b0.135c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk... 56b0.135c: Registered Dll notification callback with NTDLL. 56b0.135c: \Device\HarddiskVolume6\Windows\System32\kernel32.dll: Signature #1/1: VERR_SUP_VP_NOT_VALID_KERNEL_CODE_SIGNATURE (-5659) w/ timestamp=0x4d6d72d1/link. 56b0.135c: supHardenedWinVerifyImageByHandle: -> -5659 (\Device\HarddiskVolume6\Windows\System32\kernel32.dll) 56b0.135c: Error (rc=0): 56b0.135c: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5659 (0xffffe9e5) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume6\Windows\System32\kernel32.dll: Signature #1/1: Not valid kernel code signature.: \Device\HarddiskVolume6\Windows\System32\kernel32.dll 56b0.135c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume6\Windows\System32\kernel32.dll 56b0.135c: Error (rc=0): 56b0.135c: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\WINDOWS\System32\KERNEL32.DLL': rcNt=0xc0000190 56b0.135c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\WINDOWS\System32\KERNEL32.DLL' 3e38.4930: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000190 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 46 ms, CloseEvents);