VBox Hardening log 6.1.30

1. e9c10.e9d08: Log file opened: 6.1.30r148432 g_hStartupLog=0000000000000224 g_uNtVerCombined=0xa04a6200
2. e9c10.e9d08: \SystemRoot\System32\ntdll.dll:
3. e9c10.e9d08: CreationTime: 2021-11-03T22:16:59.466908900Z
4. e9c10.e9d08: LastWriteTime: 2021-11-03T22:16:59.501043100Z
5. e9c10.e9d08: ChangeTime: 2021-11-25T07:05:54.822623300Z
6. e9c10.e9d08: FileAttributes: 0x20
7. e9c10.e9d08: Size: 0x1ee520
8. e9c10.e9d08: NT Headers: 0xe8
9. e9c10.e9d08: Timestamp: 0xa280d1d6
10. e9c10.e9d08: Machine: 0x8664 - amd64
11. e9c10.e9d08: Timestamp: 0xa280d1d6
12. e9c10.e9d08: Image Version: 10.0
13. e9c10.e9d08: SizeOfImage: 0x1f5000 (2052096)
14. e9c10.e9d08: Resource Dir: 0x184000 LB 0x6fdc8
15. e9c10.e9d08: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16. e9c10.e9d08: [Raw version resource data: 0x1840f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17. e9c10.e9d08: ProductName: Microsoft® Windows® Operating System
18. e9c10.e9d08: ProductVersion: 10.0.19041.1288
19. e9c10.e9d08: FileVersion: 10.0.19041.1288 (WinBuild.160101.0800)
20. e9c10.e9d08: FileDescription: NT Layer DLL
21. e9c10.e9d08: \SystemRoot\System32\kernel32.dll:
22. e9c10.e9d08: CreationTime: 2021-09-23T07:20:09.442339800Z
23. e9c10.e9d08: LastWriteTime: 2021-09-23T07:20:09.456000900Z
24. e9c10.e9d08: ChangeTime: 2021-11-26T08:01:11.676618400Z
25. e9c10.e9d08: FileAttributes: 0x20
26. e9c10.e9d08: Size: 0xbc060
27. e9c10.e9d08: NT Headers: 0xe8
28. e9c10.e9d08: Timestamp: 0x871fae9
29. e9c10.e9d08: Machine: 0x8664 - amd64
30. e9c10.e9d08: Timestamp: 0x871fae9
31. e9c10.e9d08: Image Version: 10.0
32. e9c10.e9d08: SizeOfImage: 0xbe000 (778240)
33. e9c10.e9d08: Resource Dir: 0xbc000 LB 0x520
34. e9c10.e9d08: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35. e9c10.e9d08: [Raw version resource data: 0xbc0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36. e9c10.e9d08: ProductName: Microsoft® Windows® Operating System
37. e9c10.e9d08: ProductVersion: 10.0.19041.1202
38. e9c10.e9d08: FileVersion: 10.0.19041.1202 (WinBuild.160101.0800)
39. e9c10.e9d08: FileDescription: Windows NT BASE API Client DLL
40. e9c10.e9d08: \SystemRoot\System32\KernelBase.dll:
41. e9c10.e9d08: CreationTime: 2021-09-23T07:20:40.554952300Z
42. e9c10.e9d08: LastWriteTime: 2021-09-23T07:20:40.609156800Z
43. e9c10.e9d08: ChangeTime: 2021-11-26T08:01:11.677594100Z
44. e9c10.e9d08: FileAttributes: 0x20
45. e9c10.e9d08: Size: 0x2c9da8
46. e9c10.e9d08: NT Headers: 0xf0
47. e9c10.e9d08: Timestamp: 0xc9db1934
48. e9c10.e9d08: Machine: 0x8664 - amd64
49. e9c10.e9d08: Timestamp: 0xc9db1934
50. e9c10.e9d08: Image Version: 10.0
51. e9c10.e9d08: SizeOfImage: 0x2c9000 (2920448)
52. e9c10.e9d08: Resource Dir: 0x2a0000 LB 0x548
53. e9c10.e9d08: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54. e9c10.e9d08: [Raw version resource data: 0x2a00b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55. e9c10.e9d08: ProductName: Microsoft® Windows® Operating System
56. e9c10.e9d08: ProductVersion: 10.0.19041.1202
57. e9c10.e9d08: FileVersion: 10.0.19041.1202 (WinBuild.160101.0800)
58. e9c10.e9d08: FileDescription: Windows NT BASE API Client DLL
59. e9c10.e9d08: \SystemRoot\System32\apisetschema.dll:
60. e9c10.e9d08: CreationTime: 2019-12-07T09:08:13.518339400Z
61. e9c10.e9d08: LastWriteTime: 2019-12-07T09:08:13.518339400Z
62. e9c10.e9d08: ChangeTime: 2021-11-03T22:19:07.231909700Z
63. e9c10.e9d08: FileAttributes: 0x20
64. e9c10.e9d08: Size: 0x1f538
65. e9c10.e9d08: NT Headers: 0xd0
66. e9c10.e9d08: Timestamp: 0x31288ce0
67. e9c10.e9d08: Machine: 0x8664 - amd64
68. e9c10.e9d08: Timestamp: 0x31288ce0
69. e9c10.e9d08: Image Version: 10.0
70. e9c10.e9d08: SizeOfImage: 0x20000 (131072)
71. e9c10.e9d08: Resource Dir: 0x1f000 LB 0x408
72. e9c10.e9d08: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73. e9c10.e9d08: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74. e9c10.e9d08: ProductName: Microsoft® Windows® Operating System
75. e9c10.e9d08: ProductVersion: 10.0.19041.1
76. e9c10.e9d08: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
77. e9c10.e9d08: FileDescription: ApiSet Schema DLL
78. e9c10.e9d08: Found driver tmcomm (0x8)
79. e9c10.e9d08: Found driver tmevtmgr (0x8)
80. e9c10.e9d08: Found driver tmactmon (0x8)
81. e9c10.e9d08: Found driver tmeevw (0x8)
82. e9c10.e9d08: supR3HardenedWinFindAdversaries: 0x20018
83. e9c10.e9d08: \SystemRoot\System32\drivers\tmcomm.sys:
84. e9c10.e9d08: CreationTime: 2018-10-29T21:18:44.000000000Z
85. e9c10.e9d08: LastWriteTime: 2021-05-10T16:30:42.000000000Z
86. e9c10.e9d08: ChangeTime: 2021-11-20T10:11:29.643614500Z
87. e9c10.e9d08: FileAttributes: 0x20
88. e9c10.e9d08: Size: 0x67c90
89. e9c10.e9d08: NT Headers: 0xf8
90. e9c10.e9d08: Timestamp: 0x6090f15f
91. e9c10.e9d08: Machine: 0x8664 - amd64
92. e9c10.e9d08: Timestamp: 0x6090f15f
93. e9c10.e9d08: Image Version: 10.0
94. e9c10.e9d08: SizeOfImage: 0x69000 (430080)
95. e9c10.e9d08: Resource Dir: 0x67000 LB 0x568
96. e9c10.e9d08: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
97. e9c10.e9d08: [Raw version resource data: 0x67060 LB 0x508, codepage 0x0 (reserved 0x0)]
98. e9c10.e9d08: ProductName: Trend Micro Eyes
99. e9c10.e9d08: ProductVersion: 8.20
100. e9c10.e9d08: FileVersion: 8.20.0.1044
101. e9c10.e9d08: SpecialBuild: 1044
102. e9c10.e9d08: PrivateBuild: Build 1044 - 05/04/2021
103. e9c10.e9d08: FileDescription: TrendMicro Common Module
104. e9c10.e9d08: \SystemRoot\System32\drivers\tmactmon.sys:
105. e9c10.e9d08: CreationTime: 2021-10-27T18:23:39.020049500Z
106. e9c10.e9d08: LastWriteTime: 2021-07-02T00:33:46.000000000Z
107. e9c10.e9d08: ChangeTime: 2021-11-20T10:11:29.748620000Z
108. e9c10.e9d08: FileAttributes: 0x20
109. e9c10.e9d08: Size: 0x24cf8
110. e9c10.e9d08: NT Headers: 0x108
111. e9c10.e9d08: Timestamp: 0x60cb5587
112. e9c10.e9d08: Machine: 0x8664 - amd64
113. e9c10.e9d08: Timestamp: 0x60cb5587
114. e9c10.e9d08: Image Version: 6.1
115. e9c10.e9d08: SizeOfImage: 0x29000 (167936)
116. e9c10.e9d08: Resource Dir: 0x27000 LB 0x5d0
117. e9c10.e9d08: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
118. e9c10.e9d08: [Raw version resource data: 0x27060 LB 0x570, codepage 0x0 (reserved 0x0)]
119. e9c10.e9d08: ProductName: Trend Micro AEGIS
120. e9c10.e9d08: ProductVersion: 2.98
121. e9c10.e9d08: FileVersion: 2.98.0.1668
122. e9c10.e9d08: SpecialBuild: 1668
123. e9c10.e9d08: PrivateBuild: Build 1668 - $(build_date)
124. e9c10.e9d08: FileDescription: TrendMicro Activity Monitor Module
125. e9c10.e9d08: \SystemRoot\System32\drivers\tmevtmgr.sys:
126. e9c10.e9d08: CreationTime: 2021-10-27T18:23:39.024928800Z
127. e9c10.e9d08: LastWriteTime: 2021-07-02T00:33:48.000000000Z
128. e9c10.e9d08: ChangeTime: 2021-11-20T10:11:29.748620000Z
129. e9c10.e9d08: FileAttributes: 0x20
130. e9c10.e9d08: Size: 0x190f8
131. e9c10.e9d08: NT Headers: 0x108
132. e9c10.e9d08: Timestamp: 0x60cb5581
133. e9c10.e9d08: Machine: 0x8664 - amd64
134. e9c10.e9d08: Timestamp: 0x60cb5581
135. e9c10.e9d08: Image Version: 6.1
136. e9c10.e9d08: SizeOfImage: 0x1a000 (106496)
137. e9c10.e9d08: Resource Dir: 0x18000 LB 0x5d0
138. e9c10.e9d08: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
139. e9c10.e9d08: [Raw version resource data: 0x18060 LB 0x570, codepage 0x0 (reserved 0x0)]
140. e9c10.e9d08: ProductName: Trend Micro AEGIS
141. e9c10.e9d08: ProductVersion: 2.98
142. e9c10.e9d08: FileVersion: 2.98.0.1668
143. e9c10.e9d08: SpecialBuild: 1668
144. e9c10.e9d08: PrivateBuild: Build 1668 - $(build_date)
145. e9c10.e9d08: FileDescription: TrendMicro Event Management Module
146. e9c10.e9d08: \SystemRoot\System32\drivers\tmebc64.sys:
147. e9c10.e9d08: CreationTime: 2016-04-21T09:08:10.000000000Z
148. e9c10.e9d08: LastWriteTime: 2019-04-22T16:09:50.000000000Z
149. e9c10.e9d08: ChangeTime: 2021-11-20T10:11:29.563380800Z
150. e9c10.e9d08: FileAttributes: 0x20
151. e9c10.e9d08: Size: 0x12408
152. e9c10.e9d08: NT Headers: 0xe8
153. e9c10.e9d08: Timestamp: 0x5cb80c6d
154. e9c10.e9d08: Machine: 0x8664 - amd64
155. e9c10.e9d08: Timestamp: 0x5cb80c6d
156. e9c10.e9d08: Image Version: 6.0
157. e9c10.e9d08: SizeOfImage: 0x11000 (69632)
158. e9c10.e9d08: Resource Dir: 0xf000 LB 0x5a0
159. e9c10.e9d08: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
160. e9c10.e9d08: [Raw version resource data: 0xf060 LB 0x53c, codepage 0x0 (reserved 0x0)]
161. e9c10.e9d08: ProductName: Trend Micro Early Boot Clean
162. e9c10.e9d08: ProductVersion: 1.5
163. e9c10.e9d08: FileVersion: 1.5.0.1045
164. e9c10.e9d08: SpecialBuild: 1045
165. e9c10.e9d08: PrivateBuild: Build 1045 - 4/18/2019
166. e9c10.e9d08: FileDescription: Trend Micro early boot driver
167. e9c10.e9d08: \SystemRoot\System32\drivers\tmeevw.sys:
168. e9c10.e9d08: CreationTime: 2017-04-25T13:39:52.000000000Z
169. e9c10.e9d08: LastWriteTime: 2021-09-03T05:40:22.000000000Z
170. e9c10.e9d08: ChangeTime: 2021-11-20T10:11:42.070121800Z
171. e9c10.e9d08: FileAttributes: 0x20
172. e9c10.e9d08: Size: 0x25488
173. e9c10.e9d08: NT Headers: 0xe8
174. e9c10.e9d08: Timestamp: 0x5dba9302
175. e9c10.e9d08: Machine: 0x8664 - amd64
176. e9c10.e9d08: Timestamp: 0x5dba9302
177. e9c10.e9d08: Image Version: 10.0
178. e9c10.e9d08: SizeOfImage: 0x26000 (155648)
179. e9c10.e9d08: Resource Dir: 0x1f000 LB 0x5318
180. e9c10.e9d08: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
181. e9c10.e9d08: [Raw version resource data: 0x23e1c LB 0x4fc, codepage 0x4e4 (reserved 0x0)]
182. e9c10.e9d08: ProductName: Trend Micro EagleEye 3.5
183. e9c10.e9d08: ProductVersion: 3.5
184. e9c10.e9d08: FileVersion: 3.5.0.1017
185. e9c10.e9d08: SpecialBuild: 1017
186. e9c10.e9d08: PrivateBuild: Build 1017 - 10/31/2019
187. e9c10.e9d08: FileDescription: Trend Micro EagleEye Driver (VW) (amd64-fre)
188. e9c10.e9d08: \SystemRoot\System32\drivers\sakfile.sys:
189. e9c10.e9d08: CreationTime: 2021-10-21T12:00:06.983541800Z
190. e9c10.e9d08: LastWriteTime: 2021-10-21T12:00:06.984037700Z
191. e9c10.e9d08: ChangeTime: 2021-11-20T10:11:29.717377100Z
192. e9c10.e9d08: FileAttributes: 0x20
193. e9c10.e9d08: Size: 0x20af8
194. e9c10.e9d08: NT Headers: 0xd8
195. e9c10.e9d08: Timestamp: 0x6107a930
196. e9c10.e9d08: Machine: 0x8664 - amd64
197. e9c10.e9d08: Timestamp: 0x6107a930
198. e9c10.e9d08: Image Version: 10.0
199. e9c10.e9d08: SizeOfImage: 0x21000 (135168)
200. e9c10.e9d08: Resource Dir: 0x1f000 LB 0x550
201. e9c10.e9d08: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
202. e9c10.e9d08: [Raw version resource data: 0x1f060 LB 0x4ec, codepage 0x0 (reserved 0x0)]
203. e9c10.e9d08: ProductName: OfficeScan - Data Protection (DLPE-SDK)
204. e9c10.e9d08: ProductVersion: 6.2
205. e9c10.e9d08: FileVersion: 6.2.0.5046
206. e9c10.e9d08: SpecialBuild: 5046
207. e9c10.e9d08: PrivateBuild: Build 5046 - None
208. e9c10.e9d08: FileDescription: Trend Micro Data Loss Prevention Driver
209. e9c10.e9d08: \SystemRoot\System32\drivers\PGDriver.sys:
210. e9c10.e9d08: CreationTime: 2021-03-12T09:49:32.293810300Z
211. e9c10.e9d08: LastWriteTime: 2020-11-25T10:15:18.000000000Z
212. e9c10.e9d08: ChangeTime: 2021-11-24T16:11:31.545350000Z
213. e9c10.e9d08: FileAttributes: 0x20
214. e9c10.e9d08: Size: 0x21e60
215. e9c10.e9d08: NT Headers: 0xe8
216. e9c10.e9d08: Timestamp: 0x5fbe37bf
217. e9c10.e9d08: Machine: 0x8664 - amd64
218. e9c10.e9d08: Timestamp: 0x5fbe37bf
219. e9c10.e9d08: Image Version: 10.0
220. e9c10.e9d08: SizeOfImage: 0x25000 (151552)
221. e9c10.e9d08: Resource Dir: 0x1f000 LB 0x4308
222. e9c10.e9d08: [Version info resource found at 0x360! (ID/Name: 0x1; SubID/SubName: 0x409)]
223. e9c10.e9d08: [Raw version resource data: 0x22f10 LB 0x3f8, codepage 0x0 (reserved 0x0)]
224. e9c10.e9d08: ProductName: BeyondTrust Privilege Management
225. e9c10.e9d08: ProductVersion: 2020.11.25.2
226. e9c10.e9d08: FileVersion: 2020.11.25.2
227. e9c10.e9d08: SpecialBuild: D
228. e9c10.e9d08: FileDescription: BeyondTrust Privilege Management Driver
229. e9c10.e9d08: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume12\Program Files\Oracle\VirtualBox'
230. e9c10.e9d08: Calling main()
231. e9c10.e9d08: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
232. e9c10.e9d08: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume12\Program Files\Oracle\VirtualBox'
233. e9c10.e9d08: SUPR3HardenedMain: Respawn #1
234. e9c10.e9d08: System32: \Device\HarddiskVolume12\Windows\System32
235. e9c10.e9d08: WinSxS: \Device\HarddiskVolume12\Windows\WinSxS
236. e9c10.e9d08: KnownDllPath: C:\WINDOWS\System32
237. e9c10.e9d08: supR3HardenedWinInit: Performing a limited self purification...
238. e9c10.e9d08: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
239. e9c10.e9d08: *0000000000000000-0000000000d0ffff 0x0001/0x0000 0x0000000
240. e9c10.e9d08: *0000000000d10000-0000000000d1ffff 0x0004/0x0004 0x0040000
241. e9c10.e9d08: *0000000000d20000-0000000000d20fff 0x0002/0x0002 0x0040000
242. e9c10.e9d08: 0000000000d21000-0000000000d2ffff 0x0001/0x0000 0x0000000
243. e9c10.e9d08: *0000000000d30000-0000000000d4cfff 0x0002/0x0002 0x0040000
244. e9c10.e9d08: 0000000000d4d000-0000000000d4ffff 0x0001/0x0000 0x0000000
245. e9c10.e9d08: *0000000000d50000-0000000000d53fff 0x0002/0x0002 0x0040000
246. e9c10.e9d08: 0000000000d54000-0000000000d5ffff 0x0001/0x0000 0x0000000
247. e9c10.e9d08: *0000000000d60000-0000000000d61fff 0x0004/0x0004 0x0020000
248. e9c10.e9d08: 0000000000d62000-0000000000d6ffff 0x0001/0x0000 0x0000000
249. e9c10.e9d08: *0000000000d70000-0000000000d70fff 0x0004/0x0004 0x0020000
250. e9c10.e9d08: 0000000000d71000-0000000000d7ffff 0x0001/0x0000 0x0000000
251. e9c10.e9d08: *0000000000d80000-0000000000d81fff 0x0004/0x0004 0x0020000
252. e9c10.e9d08: 0000000000d82000-0000000000de1fff 0x0000/0x0004 0x0020000
253. e9c10.e9d08: 0000000000de2000-0000000000deffff 0x0001/0x0000 0x0000000
254. e9c10.e9d08: *0000000000df0000-0000000000df0fff 0x0002/0x0002 0x0040000
255. e9c10.e9d08: 0000000000df1000-0000000000dfffff 0x0001/0x0000 0x0000000
256. e9c10.e9d08: *0000000000e00000-0000000000e7efff 0x0000/0x0004 0x0020000
257. e9c10.e9d08: 0000000000e7f000-0000000000e81fff 0x0004/0x0004 0x0020000
258. e9c10.e9d08: 0000000000e82000-0000000000ffffff 0x0000/0x0004 0x0020000
259. e9c10.e9d08: *0000000001000000-00000000010b0fff 0x0000/0x0004 0x0020000
260. e9c10.e9d08: 00000000010b1000-00000000010b3fff 0x0104/0x0004 0x0020000
261. e9c10.e9d08: 00000000010b4000-00000000010fffff 0x0004/0x0004 0x0020000
262. e9c10.e9d08: *0000000001100000-0000000001100fff 0x0002/0x0002 0x0040000
263. e9c10.e9d08: 0000000001101000-000000000110ffff 0x0001/0x0000 0x0000000
264. e9c10.e9d08: *0000000001110000-0000000001110fff 0x0002/0x0002 0x0040000
265. e9c10.e9d08: 0000000001111000-000000000111ffff 0x0001/0x0000 0x0000000
266. e9c10.e9d08: *0000000001120000-0000000001166fff 0x0004/0x0004 0x0020000
267. e9c10.e9d08: 0000000001167000-000000000121ffff 0x0000/0x0004 0x0020000
268. e9c10.e9d08: *0000000001220000-00000000012e8fff 0x0002/0x0002 0x0040000
269. e9c10.e9d08: 00000000012e9000-00000000012effff 0x0001/0x0000 0x0000000
270. e9c10.e9d08: *00000000012f0000-000000000133cfff 0x0002/0x0002 0x0040000
271. e9c10.e9d08: 000000000133d000-00000000014effff 0x0000/0x0002 0x0040000
272. e9c10.e9d08: *00000000014f0000-00000000014f3fff 0x0002/0x0002 0x0040000
273. e9c10.e9d08: 00000000014f4000-00000000014f7fff 0x0000/0x0002 0x0040000
274. e9c10.e9d08: 00000000014f8000-00000000014fffff 0x0001/0x0000 0x0000000
275. e9c10.e9d08: *0000000001500000-0000000001680fff 0x0002/0x0002 0x0040000
276. e9c10.e9d08: 0000000001681000-000000000168ffff 0x0001/0x0000 0x0000000
277. e9c10.e9d08: *0000000001690000-000000000193efff 0x0002/0x0002 0x0040000
278. e9c10.e9d08: 000000000193f000-0000000002a90fff 0x0000/0x0002 0x0040000
279. e9c10.e9d08: 0000000002a91000-0000000002a9ffff 0x0001/0x0000 0x0000000
280. e9c10.e9d08: *0000000002aa0000-0000000002aa0fff 0x0004/0x0004 0x0020000
281. e9c10.e9d08: 0000000002aa1000-0000000002b01fff 0x0000/0x0004 0x0020000
282. e9c10.e9d08: 0000000002b02000-0000000002b2ffff 0x0001/0x0000 0x0000000
283. e9c10.e9d08: *0000000002b30000-0000000002b30fff 0x0004/0x0004 0x0020000
284. e9c10.e9d08: 0000000002b31000-0000000002b3ffff 0x0001/0x0000 0x0000000
285. e9c10.e9d08: *0000000002b40000-0000000002b40fff 0x0002/0x0004 0x0020000
286. e9c10.e9d08: 0000000002b41000-0000000002b41fff 0x0020/0x0004 0x0020000 !!
287. e9c10.e9d08: 0000000002b42000-0000000002b4ffff 0x0001/0x0000 0x0000000
288. e9c10.e9d08: *0000000002b50000-0000000002b50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\umppc14211.dll
289. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002b50000 LB 0x1000 (base 0000000002b50000) - 'umppc14211.dll'
290. e9c10.e9d08: 0000000002b51000-0000000002b59fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\umppc14211.dll
291. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002b51000 LB 0x9000 (base 0000000002b50000) - 'umppc14211.dll'
292. e9c10.e9d08: 0000000002b5a000-0000000002b5dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\umppc14211.dll
293. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002b5a000 LB 0x4000 (base 0000000002b50000) - 'umppc14211.dll'
294. e9c10.e9d08: 0000000002b5e000-0000000002b5ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\umppc14211.dll
295. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002b5e000 LB 0x2000 (base 0000000002b50000) - 'umppc14211.dll'
296. e9c10.e9d08: 0000000002b60000-0000000002b60fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\umppc14211.dll
297. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002b60000 LB 0x1000 (base 0000000002b50000) - 'umppc14211.dll'
298. e9c10.e9d08: 0000000002b61000-0000000002b62fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\umppc14211.dll
299. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002b61000 LB 0x2000 (base 0000000002b50000) - 'umppc14211.dll'
300. e9c10.e9d08: 0000000002b63000-0000000002b6ffff 0x0001/0x0000 0x0000000
301. e9c10.e9d08: *0000000002b70000-0000000002b70fff 0x0002/0x0002 0x0040000
302. e9c10.e9d08: 0000000002b71000-0000000002baffff 0x0001/0x0000 0x0000000
303. e9c10.e9d08: *0000000002bb0000-0000000002bb0fff 0x0004/0x0004 0x0040000
304. e9c10.e9d08: 0000000002bb1000-0000000002bbffff 0x0001/0x0000 0x0000000
305. e9c10.e9d08: *0000000002bc0000-0000000002bc1fff 0x0004/0x0004 0x0020000
306. e9c10.e9d08: 0000000002bc2000-0000000002c21fff 0x0000/0x0004 0x0020000
307. e9c10.e9d08: 0000000002c22000-0000000002c4ffff 0x0001/0x0000 0x0000000
308. e9c10.e9d08: *0000000002c50000-0000000002c57fff 0x0004/0x0004 0x0020000
309. e9c10.e9d08: 0000000002c58000-0000000002c5ffff 0x0000/0x0004 0x0020000
310. e9c10.e9d08: 0000000002c60000-0000000002d2ffff 0x0001/0x0000 0x0000000
311. e9c10.e9d08: *0000000002d30000-0000000002d3efff 0x0004/0x0004 0x0020000
312. e9c10.e9d08: 0000000002d3f000-0000000002d3ffff 0x0000/0x0004 0x0020000
313. e9c10.e9d08: 0000000002d40000-0000000002dfffff 0x0001/0x0000 0x0000000
314. e9c10.e9d08: *0000000002e00000-0000000002e01fff 0x0004/0x0004 0x0020000
315. e9c10.e9d08: 0000000002e02000-0000000002e0ffff 0x0000/0x0004 0x0020000
316. e9c10.e9d08: *0000000002e10000-0000000002e10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\shell32.dll
317. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002e10000 LB 0x1000 (base 0000000002e10000) - 'shell32.dll'
318. e9c10.e9d08: 0000000002e11000-0000000003396fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\shell32.dll
319. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000002e11000 LB 0x586000 (base 0000000002e10000) - 'shell32.dll'
320. e9c10.e9d08: 0000000003397000-00000000034defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\shell32.dll
321. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 0000000003397000 LB 0x148000 (base 0000000002e10000) - 'shell32.dll'
322. e9c10.e9d08: 00000000034df000-00000000034e6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\shell32.dll
323. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00000000034df000 LB 0x8000 (base 0000000002e10000) - 'shell32.dll'
324. e9c10.e9d08: 00000000034e7000-00000000034e8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\shell32.dll
325. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00000000034e7000 LB 0x2000 (base 0000000002e10000) - 'shell32.dll'
326. e9c10.e9d08: 00000000034e9000-000000000354efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\shell32.dll
327. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00000000034e9000 LB 0x66000 (base 0000000002e10000) - 'shell32.dll'
328. e9c10.e9d08: 000000000354f000-000000000354ffff 0x0001/0x0000 0x0000000
329. e9c10.e9d08: *0000000003550000-0000000003887fff 0x0002/0x0002 0x0040000
330. e9c10.e9d08: 0000000003888000-000000000388ffff 0x0001/0x0000 0x0000000
331. e9c10.e9d08: *0000000003890000-000000000389dfff 0x0000/0x0004 0x0020000
332. e9c10.e9d08: 000000000389e000-0000000003a93fff 0x0004/0x0004 0x0020000
333. e9c10.e9d08: 0000000003a94000-0000000003a94fff 0x0000/0x0004 0x0020000
334. e9c10.e9d08: 0000000003a95000-0000000003a9ffff 0x0001/0x0000 0x0000000
335. e9c10.e9d08: *0000000003aa0000-0000000003ac6fff 0x0004/0x0004 0x0020000
336. e9c10.e9d08: 0000000003ac7000-0000000003b9ffff 0x0000/0x0004 0x0020000
337. e9c10.e9d08: 0000000003ba0000-000000004308ffff 0x0001/0x0000 0x0000000
338. e9c10.e9d08: *0000000043090000-000000004309ffff 0x0020/0x0040 0x0020000 !!
339. e9c10.e9d08: 00000000430a0000-000000007ffdffff 0x0001/0x0000 0x0000000
340. e9c10.e9d08: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
341. e9c10.e9d08: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
342. e9c10.e9d08: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
343. e9c10.e9d08: 000000007ffea000-000007fefff0ffff 0x0001/0x0000 0x0000000
344. e9c10.e9d08: *000007fefff10000-000007fefff10fff 0x0004/0x0040 0x0020000
345. e9c10.e9d08: 000007fefff11000-000007fefff1ffff 0x0001/0x0000 0x0000000
346. e9c10.e9d08: *000007fefff20000-000007fefff20fff 0x0004/0x0040 0x0020000
347. e9c10.e9d08: 000007fefff21000-000007fefff2ffff 0x0001/0x0000 0x0000000
348. e9c10.e9d08: *000007fefff30000-000007fefff30fff 0x0004/0x0040 0x0020000
349. e9c10.e9d08: 000007fefff31000-000007fefff3ffff 0x0001/0x0000 0x0000000
350. e9c10.e9d08: *000007fefff40000-000007fefff40fff 0x0004/0x0040 0x0020000
351. e9c10.e9d08: 000007fefff41000-000007fefff4ffff 0x0001/0x0000 0x0000000
352. e9c10.e9d08: *000007fefff50000-000007fefff50fff 0x0004/0x0040 0x0020000
353. e9c10.e9d08: 000007fefff51000-000007fefff5ffff 0x0001/0x0000 0x0000000
354. e9c10.e9d08: *000007fefff60000-000007fefff60fff 0x0004/0x0040 0x0020000
355. e9c10.e9d08: 000007fefff61000-000007fefff6ffff 0x0001/0x0000 0x0000000
356. e9c10.e9d08: *000007fefff70000-000007fefff70fff 0x0004/0x0040 0x0020000
357. e9c10.e9d08: 000007fefff71000-000007fefff7ffff 0x0001/0x0000 0x0000000
358. e9c10.e9d08: *000007fefff80000-000007fefff80fff 0x0004/0x0040 0x0020000
359. e9c10.e9d08: 000007fefff81000-000007fefff8ffff 0x0001/0x0000 0x0000000
360. e9c10.e9d08: *000007fefff90000-000007fefff90fff 0x0004/0x0040 0x0020000
361. e9c10.e9d08: 000007fefff91000-000007fefff9ffff 0x0001/0x0000 0x0000000
362. e9c10.e9d08: *000007fefffa0000-000007fefffa0fff 0x0004/0x0040 0x0020000
363. e9c10.e9d08: 000007fefffa1000-000007fefffaffff 0x0001/0x0000 0x0000000
364. e9c10.e9d08: *000007fefffb0000-000007fefffb0fff 0x0004/0x0040 0x0020000
365. e9c10.e9d08: 000007fefffb1000-000007fefffbffff 0x0001/0x0000 0x0000000
366. e9c10.e9d08: *000007fefffc0000-000007fefffc0fff 0x0004/0x0040 0x0020000
367. e9c10.e9d08: 000007fefffc1000-000007fefffcffff 0x0001/0x0000 0x0000000
368. e9c10.e9d08: *000007fefffd0000-000007fefffd0fff 0x0004/0x0040 0x0020000
369. e9c10.e9d08: 000007fefffd1000-000007fefffdffff 0x0001/0x0000 0x0000000
370. e9c10.e9d08: *000007fefffe0000-000007fefffe0fff 0x0004/0x0040 0x0020000
371. e9c10.e9d08: 000007fefffe1000-000007fefffeffff 0x0001/0x0000 0x0000000
372. e9c10.e9d08: *000007feffff0000-000007feffff0fff 0x0004/0x0040 0x0020000
373. e9c10.e9d08: 000007feffff1000-00007ff42b75ffff 0x0001/0x0000 0x0000000
374. e9c10.e9d08: *00007ff42b760000-00007ff42b764fff 0x0002/0x0002 0x0040000
375. e9c10.e9d08: 00007ff42b765000-00007ff42b85ffff 0x0000/0x0002 0x0040000
376. e9c10.e9d08: *00007ff42b860000-00007ff52b87ffff 0x0000/0x0004 0x0020000
377. e9c10.e9d08: *00007ff52b880000-00007ff52d87ffff 0x0000/0x0004 0x0020000
378. e9c10.e9d08: 00007ff52d880000-00007ff52d880fff 0x0004/0x0004 0x0020000
379. e9c10.e9d08: 00007ff52d881000-00007ff52d88ffff 0x0001/0x0000 0x0000000
380. e9c10.e9d08: *00007ff52d890000-00007ff52d890fff 0x0002/0x0002 0x0040000
381. e9c10.e9d08: 00007ff52d891000-00007ff52d89ffff 0x0001/0x0000 0x0000000
382. e9c10.e9d08: *00007ff52d8a0000-00007ff52d8c2fff 0x0002/0x0002 0x0040000
383. e9c10.e9d08: 00007ff52d8c3000-00007ff7967cffff 0x0001/0x0000 0x0000000
384. e9c10.e9d08: *00007ff7967d0000-00007ff7967d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
385. e9c10.e9d08: 00007ff7967d1000-00007ff796847fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
386. e9c10.e9d08: 00007ff796848000-00007ff796848fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
387. e9c10.e9d08: 00007ff796849000-00007ff796891fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
388. e9c10.e9d08: 00007ff796892000-00007ff796894fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
389. e9c10.e9d08: 00007ff796895000-00007ff796897fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
390. e9c10.e9d08: 00007ff796898000-00007ff79689afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
391. e9c10.e9d08: 00007ff79689b000-00007ff79689bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
392. e9c10.e9d08: 00007ff79689c000-00007ff79689dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
393. e9c10.e9d08: 00007ff79689e000-00007ff79689efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
394. e9c10.e9d08: 00007ff79689f000-00007ff7968e7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
395. e9c10.e9d08: 00007ff7968e8000-00007ffee73fffff 0x0001/0x0000 0x0000000
396. e9c10.e9d08: *00007ffee7400000-00007ffee740ffff 0x0020/0x0040 0x0020000 !!
397. e9c10.e9d08: 00007ffee7410000-00007ffef63fffff 0x0001/0x0000 0x0000000
398. e9c10.e9d08: *00007ffef6400000-00007ffef6400fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
399. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef6400000 LB 0x1000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
400. e9c10.e9d08: 00007ffef6401000-00007ffef649bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
401. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef6401000 LB 0x9b000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
402. e9c10.e9d08: 00007ffef649c000-00007ffef64bdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
403. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef649c000 LB 0x22000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
404. e9c10.e9d08: 00007ffef64be000-00007ffef64befff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
405. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef64be000 LB 0x1000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
406. e9c10.e9d08: 00007ffef64bf000-00007ffef64c5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
407. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef64bf000 LB 0x7000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
408. e9c10.e9d08: 00007ffef64c6000-00007ffef64c9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
409. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef64c6000 LB 0x4000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
410. e9c10.e9d08: 00007ffef64ca000-00007ffef64d1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
411. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef64ca000 LB 0x8000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
412. e9c10.e9d08: 00007ffef64d2000-00007ffef64d2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
413. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef64d2000 LB 0x1000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
414. e9c10.e9d08: 00007ffef64d3000-00007ffef64d4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Windows Event Reporting\Core\EventReporting.ApplicationFilter.Monitor.Win64.dll
415. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffef64d3000 LB 0x2000 (base 00007ffef6400000) - 'EventReporting.ApplicationFilter.Monitor.Win64.dll'
416. e9c10.e9d08: 00007ffef64d5000-00007fff1600ffff 0x0001/0x0000 0x0000000
417. e9c10.e9d08: *00007fff16010000-00007fff16010fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\winspool.drv
418. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff16010000 LB 0x1000 (base 00007fff16010000) - 'winspool.drv'
419. e9c10.e9d08: 00007fff16011000-00007fff16065fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\winspool.drv
420. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff16011000 LB 0x55000 (base 00007fff16010000) - 'winspool.drv'
421. e9c10.e9d08: 00007fff16066000-00007fff16085fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\winspool.drv
422. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff16066000 LB 0x20000 (base 00007fff16010000) - 'winspool.drv'
423. e9c10.e9d08: 00007fff16086000-00007fff16087fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\winspool.drv
424. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff16086000 LB 0x2000 (base 00007fff16010000) - 'winspool.drv'
425. e9c10.e9d08: 00007fff16088000-00007fff160a4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\winspool.drv
426. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff16088000 LB 0x1d000 (base 00007fff16010000) - 'winspool.drv'
427. e9c10.e9d08: 00007fff160a5000-00007fff160bffff 0x0001/0x0000 0x0000000
428. e9c10.e9d08: *00007fff160c0000-00007fff160c1fff 0x0020/0x0040 0x0020000 !!
429. e9c10.e9d08: 00007fff160c2000-00007fff160c3fff 0x0004/0x0040 0x0020000
430. e9c10.e9d08: 00007fff160c4000-00007fff160cffff 0x0001/0x0000 0x0000000
431. e9c10.e9d08: *00007fff160d0000-00007fff160d0fff 0x0020/0x0040 0x0020000 !!
432. e9c10.e9d08: 00007fff160d1000-00007fff160d1fff 0x0004/0x0040 0x0020000
433. e9c10.e9d08: 00007fff160d2000-00007fff160d6fff 0x0000/0x0040 0x0020000
434. e9c10.e9d08: 00007fff160d7000-00007fff160dffff 0x0001/0x0000 0x0000000
435. e9c10.e9d08: *00007fff160e0000-00007fff160e1fff 0x0020/0x0040 0x0020000 !!
436. e9c10.e9d08: 00007fff160e2000-00007fff160e3fff 0x0004/0x0040 0x0020000
437. e9c10.e9d08: 00007fff160e4000-00007fff160effff 0x0001/0x0000 0x0000000
438. e9c10.e9d08: *00007fff160f0000-00007fff160f0fff 0x0020/0x0040 0x0020000 !!
439. e9c10.e9d08: 00007fff160f1000-00007fff160f1fff 0x0004/0x0040 0x0020000
440. e9c10.e9d08: 00007fff160f2000-00007fff160f6fff 0x0000/0x0040 0x0020000
441. e9c10.e9d08: 00007fff160f7000-00007fff160fffff 0x0001/0x0000 0x0000000
442. e9c10.e9d08: *00007fff16100000-00007fff16101fff 0x0020/0x0040 0x0020000 !!
443. e9c10.e9d08: 00007fff16102000-00007fff16103fff 0x0004/0x0040 0x0020000
444. e9c10.e9d08: 00007fff16104000-00007fff1610ffff 0x0001/0x0000 0x0000000
445. e9c10.e9d08: *00007fff16110000-00007fff16110fff 0x0020/0x0040 0x0020000 !!
446. e9c10.e9d08: 00007fff16111000-00007fff16111fff 0x0004/0x0040 0x0020000
447. e9c10.e9d08: 00007fff16112000-00007fff16116fff 0x0000/0x0040 0x0020000
448. e9c10.e9d08: 00007fff16117000-00007fff1aa6ffff 0x0001/0x0000 0x0000000
449. e9c10.e9d08: *00007fff1aa70000-00007fff1aa70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\apphelp.dll
450. e9c10.e9d08: 00007fff1aa71000-00007fff1aabefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\apphelp.dll
451. e9c10.e9d08: 00007fff1aabf000-00007fff1aae0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\apphelp.dll
452. e9c10.e9d08: 00007fff1aae1000-00007fff1aae3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\apphelp.dll
453. e9c10.e9d08: 00007fff1aae4000-00007fff1aafffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\apphelp.dll
454. e9c10.e9d08: 00007fff1ab00000-00007fff268fffff 0x0001/0x0000 0x0000000
455. e9c10.e9d08: *00007fff26900000-00007fff26900fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntmarta.dll
456. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26900000 LB 0x1000 (base 00007fff26900000) - 'ntmarta.dll'
457. e9c10.e9d08: 00007fff26901000-00007fff26923fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntmarta.dll
458. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26901000 LB 0x23000 (base 00007fff26900000) - 'ntmarta.dll'
459. e9c10.e9d08: 00007fff26924000-00007fff2692bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntmarta.dll
460. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26924000 LB 0x8000 (base 00007fff26900000) - 'ntmarta.dll'
461. e9c10.e9d08: 00007fff2692c000-00007fff2692dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntmarta.dll
462. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff2692c000 LB 0x2000 (base 00007fff26900000) - 'ntmarta.dll'
463. e9c10.e9d08: 00007fff2692e000-00007fff26932fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntmarta.dll
464. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff2692e000 LB 0x5000 (base 00007fff26900000) - 'ntmarta.dll'
465. e9c10.e9d08: 00007fff26933000-00007fff26a8ffff 0x0001/0x0000 0x0000000
466. e9c10.e9d08: *00007fff26a90000-00007fff26a90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptbase.dll
467. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26a90000 LB 0x1000 (base 00007fff26a90000) - 'cryptbase.dll'
468. e9c10.e9d08: 00007fff26a91000-00007fff26a93fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptbase.dll
469. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26a91000 LB 0x3000 (base 00007fff26a90000) - 'cryptbase.dll'
470. e9c10.e9d08: 00007fff26a94000-00007fff26a96fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptbase.dll
471. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26a94000 LB 0x3000 (base 00007fff26a90000) - 'cryptbase.dll'
472. e9c10.e9d08: 00007fff26a97000-00007fff26a97fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptbase.dll
473. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26a97000 LB 0x1000 (base 00007fff26a90000) - 'cryptbase.dll'
474. e9c10.e9d08: 00007fff26a98000-00007fff26a9bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptbase.dll
475. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26a98000 LB 0x4000 (base 00007fff26a90000) - 'cryptbase.dll'
476. e9c10.e9d08: 00007fff26a9c000-00007fff26a9ffff 0x0001/0x0000 0x0000000
477. e9c10.e9d08: *00007fff26aa0000-00007fff26aa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rsaenh.dll
478. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26aa0000 LB 0x1000 (base 00007fff26aa0000) - 'rsaenh.dll'
479. e9c10.e9d08: 00007fff26aa1000-00007fff26ac3fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rsaenh.dll
480. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26aa1000 LB 0x23000 (base 00007fff26aa0000) - 'rsaenh.dll'
481. e9c10.e9d08: 00007fff26ac4000-00007fff26acbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rsaenh.dll
482. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26ac4000 LB 0x8000 (base 00007fff26aa0000) - 'rsaenh.dll'
483. e9c10.e9d08: 00007fff26acc000-00007fff26accfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rsaenh.dll
484. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26acc000 LB 0x1000 (base 00007fff26aa0000) - 'rsaenh.dll'
485. e9c10.e9d08: 00007fff26acd000-00007fff26ad3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rsaenh.dll
486. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26acd000 LB 0x7000 (base 00007fff26aa0000) - 'rsaenh.dll'
487. e9c10.e9d08: 00007fff26ad4000-00007fff26adffff 0x0001/0x0000 0x0000000
488. e9c10.e9d08: *00007fff26ae0000-00007fff26ae0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptsp.dll
489. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26ae0000 LB 0x1000 (base 00007fff26ae0000) - 'cryptsp.dll'
490. e9c10.e9d08: 00007fff26ae1000-00007fff26aecfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptsp.dll
491. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26ae1000 LB 0xc000 (base 00007fff26ae0000) - 'cryptsp.dll'
492. e9c10.e9d08: 00007fff26aed000-00007fff26af2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptsp.dll
493. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26aed000 LB 0x6000 (base 00007fff26ae0000) - 'cryptsp.dll'
494. e9c10.e9d08: 00007fff26af3000-00007fff26af3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptsp.dll
495. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26af3000 LB 0x1000 (base 00007fff26ae0000) - 'cryptsp.dll'
496. e9c10.e9d08: 00007fff26af4000-00007fff26af7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\cryptsp.dll
497. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26af4000 LB 0x4000 (base 00007fff26ae0000) - 'cryptsp.dll'
498. e9c10.e9d08: 00007fff26af8000-00007fff26baffff 0x0001/0x0000 0x0000000
499. e9c10.e9d08: *00007fff26bb0000-00007fff26bb0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
500. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26bb0000 LB 0x1000 (base 00007fff26bb0000) - 'PGHook.dll'
501. e9c10.e9d08: 00007fff26bb1000-00007fff26c69fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
502. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26bb1000 LB 0xb9000 (base 00007fff26bb0000) - 'PGHook.dll'
503. e9c10.e9d08: 00007fff26c6a000-00007fff26cb2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
504. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26c6a000 LB 0x49000 (base 00007fff26bb0000) - 'PGHook.dll'
505. e9c10.e9d08: 00007fff26cb3000-00007fff26cb3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
506. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cb3000 LB 0x1000 (base 00007fff26bb0000) - 'PGHook.dll'
507. e9c10.e9d08: 00007fff26cb4000-00007fff26cb5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
508. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cb4000 LB 0x2000 (base 00007fff26bb0000) - 'PGHook.dll'
509. e9c10.e9d08: 00007fff26cb6000-00007fff26cb8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
510. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cb6000 LB 0x3000 (base 00007fff26bb0000) - 'PGHook.dll'
511. e9c10.e9d08: 00007fff26cb9000-00007fff26cbbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
512. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cb9000 LB 0x3000 (base 00007fff26bb0000) - 'PGHook.dll'
513. e9c10.e9d08: 00007fff26cbc000-00007fff26cbdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
514. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cbc000 LB 0x2000 (base 00007fff26bb0000) - 'PGHook.dll'
515. e9c10.e9d08: 00007fff26cbe000-00007fff26cd0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
516. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cbe000 LB 0x13000 (base 00007fff26bb0000) - 'PGHook.dll'
517. e9c10.e9d08: 00007fff26cd1000-00007fff26cd1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
518. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cd1000 LB 0x1000 (base 00007fff26bb0000) - 'PGHook.dll'
519. e9c10.e9d08: 00007fff26cd2000-00007fff26cd6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Avecto\Privilege Guard Client\PGHook.dll
520. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26cd2000 LB 0x5000 (base 00007fff26bb0000) - 'PGHook.dll'
521. e9c10.e9d08: 00007fff26cd7000-00007fff26e8ffff 0x0001/0x0000 0x0000000
522. e9c10.e9d08: *00007fff26e90000-00007fff26e90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32full.dll
523. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26e90000 LB 0x1000 (base 00007fff26e90000) - 'gdi32full.dll'
524. e9c10.e9d08: 00007fff26e91000-00007fff26f2cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32full.dll
525. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26e91000 LB 0x9c000 (base 00007fff26e90000) - 'gdi32full.dll'
526. e9c10.e9d08: 00007fff26f2d000-00007fff26f79fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32full.dll
527. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26f2d000 LB 0x4d000 (base 00007fff26e90000) - 'gdi32full.dll'
528. e9c10.e9d08: 00007fff26f7a000-00007fff26f7dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32full.dll
529. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26f7a000 LB 0x4000 (base 00007fff26e90000) - 'gdi32full.dll'
530. e9c10.e9d08: 00007fff26f7e000-00007fff26f7efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32full.dll
531. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26f7e000 LB 0x1000 (base 00007fff26e90000) - 'gdi32full.dll'
532. e9c10.e9d08: 00007fff26f7f000-00007fff26f9afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32full.dll
533. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26f7f000 LB 0x1c000 (base 00007fff26e90000) - 'gdi32full.dll'
534. e9c10.e9d08: 00007fff26f9b000-00007fff26f9ffff 0x0001/0x0000 0x0000000
535. e9c10.e9d08: *00007fff26fa0000-00007fff26fa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ucrtbase.dll
536. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26fa0000 LB 0x1000 (base 00007fff26fa0000) - 'ucrtbase.dll'
537. e9c10.e9d08: 00007fff26fa1000-00007fff27054fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ucrtbase.dll
538. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff26fa1000 LB 0xb4000 (base 00007fff26fa0000) - 'ucrtbase.dll'
539. e9c10.e9d08: 00007fff27055000-00007fff2708efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ucrtbase.dll
540. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27055000 LB 0x3a000 (base 00007fff26fa0000) - 'ucrtbase.dll'
541. e9c10.e9d08: 00007fff2708f000-00007fff27091fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ucrtbase.dll
542. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff2708f000 LB 0x3000 (base 00007fff26fa0000) - 'ucrtbase.dll'
543. e9c10.e9d08: 00007fff27092000-00007fff2709ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ucrtbase.dll
544. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27092000 LB 0xe000 (base 00007fff26fa0000) - 'ucrtbase.dll'
545. e9c10.e9d08: 00007fff270a0000-00007fff2714ffff 0x0001/0x0000 0x0000000
546. e9c10.e9d08: *00007fff27150000-00007fff27150fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcryptprimitives.dll
547. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27150000 LB 0x1000 (base 00007fff27150000) - 'bcryptprimitives.dll'
548. e9c10.e9d08: 00007fff27151000-00007fff271b5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcryptprimitives.dll
549. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27151000 LB 0x65000 (base 00007fff27150000) - 'bcryptprimitives.dll'
550. e9c10.e9d08: 00007fff271b6000-00007fff271cbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcryptprimitives.dll
551. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff271b6000 LB 0x16000 (base 00007fff27150000) - 'bcryptprimitives.dll'
552. e9c10.e9d08: 00007fff271cc000-00007fff271ccfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcryptprimitives.dll
553. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff271cc000 LB 0x1000 (base 00007fff27150000) - 'bcryptprimitives.dll'
554. e9c10.e9d08: 00007fff271cd000-00007fff271d2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcryptprimitives.dll
555. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff271cd000 LB 0x6000 (base 00007fff27150000) - 'bcryptprimitives.dll'
556. e9c10.e9d08: 00007fff271d3000-00007fff271dffff 0x0001/0x0000 0x0000000
557. e9c10.e9d08: *00007fff271e0000-00007fff271e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcrypt.dll
558. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff271e0000 LB 0x1000 (base 00007fff271e0000) - 'bcrypt.dll'
559. e9c10.e9d08: 00007fff271e1000-00007fff271fafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcrypt.dll
560. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff271e1000 LB 0x1a000 (base 00007fff271e0000) - 'bcrypt.dll'
561. e9c10.e9d08: 00007fff271fb000-00007fff27200fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcrypt.dll
562. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff271fb000 LB 0x6000 (base 00007fff271e0000) - 'bcrypt.dll'
563. e9c10.e9d08: 00007fff27201000-00007fff27201fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcrypt.dll
564. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27201000 LB 0x1000 (base 00007fff271e0000) - 'bcrypt.dll'
565. e9c10.e9d08: 00007fff27202000-00007fff27206fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\bcrypt.dll
566. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27202000 LB 0x5000 (base 00007fff271e0000) - 'bcrypt.dll'
567. e9c10.e9d08: 00007fff27207000-00007fff2720ffff 0x0001/0x0000 0x0000000
568. e9c10.e9d08: *00007fff27210000-00007fff27210fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcp_win.dll
569. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27210000 LB 0x1000 (base 00007fff27210000) - 'msvcp_win.dll'
570. e9c10.e9d08: 00007fff27211000-00007fff27264fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcp_win.dll
571. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27211000 LB 0x54000 (base 00007fff27210000) - 'msvcp_win.dll'
572. e9c10.e9d08: 00007fff27265000-00007fff272a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcp_win.dll
573. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27265000 LB 0x3c000 (base 00007fff27210000) - 'msvcp_win.dll'
574. e9c10.e9d08: 00007fff272a1000-00007fff272a1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcp_win.dll
575. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff272a1000 LB 0x1000 (base 00007fff27210000) - 'msvcp_win.dll'
576. e9c10.e9d08: 00007fff272a2000-00007fff272a4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcp_win.dll
577. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff272a2000 LB 0x3000 (base 00007fff27210000) - 'msvcp_win.dll'
578. e9c10.e9d08: 00007fff272a5000-00007fff272acfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcp_win.dll
579. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff272a5000 LB 0x8000 (base 00007fff27210000) - 'msvcp_win.dll'
580. e9c10.e9d08: 00007fff272ad000-00007fff2740ffff 0x0001/0x0000 0x0000000
581. e9c10.e9d08: *00007fff27410000-00007fff27410fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\KernelBase.dll
582. e9c10.e9d08: 00007fff27411000-00007fff27522fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\KernelBase.dll
583. e9c10.e9d08: 00007fff27523000-00007fff2769afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\KernelBase.dll
584. e9c10.e9d08: 00007fff2769b000-00007fff2769efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\KernelBase.dll
585. e9c10.e9d08: 00007fff2769f000-00007fff2769ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\KernelBase.dll
586. e9c10.e9d08: 00007fff276a0000-00007fff276d8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\KernelBase.dll
587. e9c10.e9d08: 00007fff276d9000-00007fff276dffff 0x0001/0x0000 0x0000000
588. e9c10.e9d08: *00007fff276e0000-00007fff276e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\win32u.dll
589. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff276e0000 LB 0x1000 (base 00007fff276e0000) - 'win32u.dll'
590. e9c10.e9d08: 00007fff276e1000-00007fff276ebfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\win32u.dll
591. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff276e1000 LB 0xb000 (base 00007fff276e0000) - 'win32u.dll'
592. e9c10.e9d08: 00007fff276ec000-00007fff276fafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\win32u.dll
593. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff276ec000 LB 0xf000 (base 00007fff276e0000) - 'win32u.dll'
594. e9c10.e9d08: 00007fff276fb000-00007fff276fbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\win32u.dll
595. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff276fb000 LB 0x1000 (base 00007fff276e0000) - 'win32u.dll'
596. e9c10.e9d08: 00007fff276fc000-00007fff27701fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\win32u.dll
597. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff276fc000 LB 0x6000 (base 00007fff276e0000) - 'win32u.dll'
598. e9c10.e9d08: 00007fff27702000-00007fff2770ffff 0x0001/0x0000 0x0000000
599. e9c10.e9d08: *00007fff27710000-00007fff27710fff 0x0020/0x0040 0x0020000 !!
600. e9c10.e9d08: 00007fff27711000-00007fff2771afff 0x0000/0x0040 0x0020000
601. e9c10.e9d08: 00007fff2771b000-00007fff2772ffff 0x0001/0x0000 0x0000000
602. e9c10.e9d08: *00007fff27730000-00007fff27731fff 0x0020/0x0040 0x0020000 !!
603. e9c10.e9d08: 00007fff27732000-00007fff27733fff 0x0004/0x0040 0x0020000
604. e9c10.e9d08: 00007fff27734000-00007fff2773ffff 0x0001/0x0000 0x0000000
605. e9c10.e9d08: *00007fff27740000-00007fff27740fff 0x0020/0x0040 0x0020000 !!
606. e9c10.e9d08: 00007fff27741000-00007fff27741fff 0x0004/0x0040 0x0020000
607. e9c10.e9d08: 00007fff27742000-00007fff277bffff 0x0001/0x0000 0x0000000
608. e9c10.e9d08: *00007fff277c0000-00007fff277c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
609. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff277c0000 LB 0x1000 (base 00007fff277c0000) - 'msvcrt.dll'
610. e9c10.e9d08: 00007fff277c1000-00007fff27835fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
611. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff277c1000 LB 0x75000 (base 00007fff277c0000) - 'msvcrt.dll'
612. e9c10.e9d08: 00007fff27836000-00007fff2784efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
613. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27836000 LB 0x19000 (base 00007fff277c0000) - 'msvcrt.dll'
614. e9c10.e9d08: 00007fff2784f000-00007fff27850fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
615. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff2784f000 LB 0x2000 (base 00007fff277c0000) - 'msvcrt.dll'
616. e9c10.e9d08: 00007fff27851000-00007fff27853fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
617. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27851000 LB 0x3000 (base 00007fff277c0000) - 'msvcrt.dll'
618. e9c10.e9d08: 00007fff27854000-00007fff27855fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
619. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27854000 LB 0x2000 (base 00007fff277c0000) - 'msvcrt.dll'
620. e9c10.e9d08: 00007fff27856000-00007fff27856fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
621. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27856000 LB 0x1000 (base 00007fff277c0000) - 'msvcrt.dll'
622. e9c10.e9d08: 00007fff27857000-00007fff2785dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\msvcrt.dll
623. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27857000 LB 0x7000 (base 00007fff277c0000) - 'msvcrt.dll'
624. e9c10.e9d08: 00007fff2785e000-00007fff2785ffff 0x0001/0x0000 0x0000000
625. e9c10.e9d08: *00007fff27860000-00007fff27860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\imm32.dll
626. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27860000 LB 0x1000 (base 00007fff27860000) - 'imm32.dll'
627. e9c10.e9d08: 00007fff27861000-00007fff2787efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\imm32.dll
628. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27861000 LB 0x1e000 (base 00007fff27860000) - 'imm32.dll'
629. e9c10.e9d08: 00007fff2787f000-00007fff27885fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\imm32.dll
630. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff2787f000 LB 0x7000 (base 00007fff27860000) - 'imm32.dll'
631. e9c10.e9d08: 00007fff27886000-00007fff27886fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\imm32.dll
632. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27886000 LB 0x1000 (base 00007fff27860000) - 'imm32.dll'
633. e9c10.e9d08: 00007fff27887000-00007fff2788ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\imm32.dll
634. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27887000 LB 0x9000 (base 00007fff27860000) - 'imm32.dll'
635. e9c10.e9d08: 00007fff27890000-00007fff2794ffff 0x0001/0x0000 0x0000000
636. e9c10.e9d08: *00007fff27950000-00007fff27950fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32.dll
637. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27950000 LB 0x1000 (base 00007fff27950000) - 'gdi32.dll'
638. e9c10.e9d08: 00007fff27951000-00007fff2795ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32.dll
639. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27951000 LB 0xf000 (base 00007fff27950000) - 'gdi32.dll'
640. e9c10.e9d08: 00007fff27960000-00007fff27973fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32.dll
641. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27960000 LB 0x14000 (base 00007fff27950000) - 'gdi32.dll'
642. e9c10.e9d08: 00007fff27974000-00007fff27974fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32.dll
643. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27974000 LB 0x1000 (base 00007fff27950000) - 'gdi32.dll'
644. e9c10.e9d08: 00007fff27975000-00007fff2797afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\gdi32.dll
645. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27975000 LB 0x6000 (base 00007fff27950000) - 'gdi32.dll'
646. e9c10.e9d08: 00007fff2797b000-00007fff2797ffff 0x0001/0x0000 0x0000000
647. e9c10.e9d08: *00007fff27980000-00007fff27980fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\kernel32.dll
648. e9c10.e9d08: 00007fff27981000-00007fff279fffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\kernel32.dll
649. e9c10.e9d08: 00007fff27a00000-00007fff27a32fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\kernel32.dll
650. e9c10.e9d08: 00007fff27a33000-00007fff27a33fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\kernel32.dll
651. e9c10.e9d08: 00007fff27a34000-00007fff27a34fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\kernel32.dll
652. e9c10.e9d08: 00007fff27a35000-00007fff27a3dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\kernel32.dll
653. e9c10.e9d08: 00007fff27a3e000-00007fff27a3ffff 0x0001/0x0000 0x0000000
654. e9c10.e9d08: *00007fff27a40000-00007fff27a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
655. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27a40000 LB 0x1000 (base 00007fff27a40000) - 'sechost.dll'
656. e9c10.e9d08: 00007fff27a41000-00007fff27aa5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
657. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27a41000 LB 0x65000 (base 00007fff27a40000) - 'sechost.dll'
658. e9c10.e9d08: 00007fff27aa6000-00007fff27accfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
659. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27aa6000 LB 0x27000 (base 00007fff27a40000) - 'sechost.dll'
660. e9c10.e9d08: 00007fff27acd000-00007fff27acdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
661. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27acd000 LB 0x1000 (base 00007fff27a40000) - 'sechost.dll'
662. e9c10.e9d08: 00007fff27ace000-00007fff27acefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
663. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27ace000 LB 0x1000 (base 00007fff27a40000) - 'sechost.dll'
664. e9c10.e9d08: 00007fff27acf000-00007fff27ad0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
665. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27acf000 LB 0x2000 (base 00007fff27a40000) - 'sechost.dll'
666. e9c10.e9d08: 00007fff27ad1000-00007fff27adafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\sechost.dll
667. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27ad1000 LB 0xa000 (base 00007fff27a40000) - 'sechost.dll'
668. e9c10.e9d08: 00007fff27adb000-00007fff27aeffff 0x0001/0x0000 0x0000000
669. e9c10.e9d08: *00007fff27af0000-00007fff27af1fff 0x0020/0x0040 0x0020000 !!
670. e9c10.e9d08: 00007fff27af2000-00007fff27af3fff 0x0004/0x0040 0x0020000
671. e9c10.e9d08: 00007fff27af4000-00007fff27afffff 0x0001/0x0000 0x0000000
672. e9c10.e9d08: *00007fff27b00000-00007fff27b00fff 0x0020/0x0040 0x0020000 !!
673. e9c10.e9d08: 00007fff27b01000-00007fff27b01fff 0x0004/0x0040 0x0020000
674. e9c10.e9d08: 00007fff27b02000-00007fff27b0dfff 0x0000/0x0040 0x0020000
675. e9c10.e9d08: 00007fff27b0e000-00007fff27b0ffff 0x0001/0x0000 0x0000000
676. e9c10.e9d08: *00007fff27b10000-00007fff27b11fff 0x0020/0x0040 0x0020000 !!
677. e9c10.e9d08: 00007fff27b12000-00007fff27b13fff 0x0004/0x0040 0x0020000
678. e9c10.e9d08: 00007fff27b14000-00007fff27b1ffff 0x0001/0x0000 0x0000000
679. e9c10.e9d08: *00007fff27b20000-00007fff27b20fff 0x0020/0x0040 0x0020000 !!
680. e9c10.e9d08: 00007fff27b21000-00007fff27b21fff 0x0004/0x0040 0x0020000
681. e9c10.e9d08: 00007fff27b22000-00007fff27b2dfff 0x0000/0x0040 0x0020000
682. e9c10.e9d08: 00007fff27b2e000-00007fff27b2ffff 0x0001/0x0000 0x0000000
683. e9c10.e9d08: *00007fff27b30000-00007fff27b31fff 0x0020/0x0040 0x0020000 !!
684. e9c10.e9d08: 00007fff27b32000-00007fff27b33fff 0x0004/0x0040 0x0020000
685. e9c10.e9d08: 00007fff27b34000-00007fff27b3ffff 0x0001/0x0000 0x0000000
686. e9c10.e9d08: *00007fff27b40000-00007fff27b40fff 0x0020/0x0040 0x0020000 !!
687. e9c10.e9d08: 00007fff27b41000-00007fff27b41fff 0x0004/0x0040 0x0020000
688. e9c10.e9d08: 00007fff27b42000-00007fff27b4bfff 0x0000/0x0040 0x0020000
689. e9c10.e9d08: 00007fff27b4c000-00007fff27b4ffff 0x0001/0x0000 0x0000000
690. e9c10.e9d08: *00007fff27b50000-00007fff27b51fff 0x0020/0x0040 0x0020000 !!
691. e9c10.e9d08: 00007fff27b52000-00007fff27b53fff 0x0004/0x0040 0x0020000
692. e9c10.e9d08: 00007fff27b54000-00007fff27b5ffff 0x0001/0x0000 0x0000000
693. e9c10.e9d08: *00007fff27b60000-00007fff27b60fff 0x0020/0x0040 0x0020000 !!
694. e9c10.e9d08: 00007fff27b61000-00007fff27b61fff 0x0004/0x0040 0x0020000
695. e9c10.e9d08: 00007fff27b62000-00007fff27b6efff 0x0000/0x0040 0x0020000
696. e9c10.e9d08: 00007fff27b6f000-00007fff27c2ffff 0x0001/0x0000 0x0000000
697. e9c10.e9d08: *00007fff27c30000-00007fff27c30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\combase.dll
698. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27c30000 LB 0x1000 (base 00007fff27c30000) - 'combase.dll'
699. e9c10.e9d08: 00007fff27c31000-00007fff27e6afff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\combase.dll
700. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27c31000 LB 0x23a000 (base 00007fff27c30000) - 'combase.dll'
701. e9c10.e9d08: 00007fff27e6b000-00007fff27f30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\combase.dll
702. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27e6b000 LB 0xc6000 (base 00007fff27c30000) - 'combase.dll'
703. e9c10.e9d08: 00007fff27f31000-00007fff27f36fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\combase.dll
704. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27f31000 LB 0x6000 (base 00007fff27c30000) - 'combase.dll'
705. e9c10.e9d08: 00007fff27f37000-00007fff27f84fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\combase.dll
706. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff27f37000 LB 0x4e000 (base 00007fff27c30000) - 'combase.dll'
707. e9c10.e9d08: 00007fff27f85000-00007fff2805ffff 0x0001/0x0000 0x0000000
708. e9c10.e9d08: *00007fff28060000-00007fff28060fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
709. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28060000 LB 0x1000 (base 00007fff28060000) - 'advapi32.dll'
710. e9c10.e9d08: 00007fff28061000-00007fff280c7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
711. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28061000 LB 0x67000 (base 00007fff28060000) - 'advapi32.dll'
712. e9c10.e9d08: 00007fff280c8000-00007fff280fdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
713. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff280c8000 LB 0x36000 (base 00007fff28060000) - 'advapi32.dll'
714. e9c10.e9d08: 00007fff280fe000-00007fff280fefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
715. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff280fe000 LB 0x1000 (base 00007fff28060000) - 'advapi32.dll'
716. e9c10.e9d08: 00007fff280ff000-00007fff280fffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
717. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff280ff000 LB 0x1000 (base 00007fff28060000) - 'advapi32.dll'
718. e9c10.e9d08: 00007fff28100000-00007fff28101fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
719. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28100000 LB 0x2000 (base 00007fff28060000) - 'advapi32.dll'
720. e9c10.e9d08: 00007fff28102000-00007fff28102fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
721. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28102000 LB 0x1000 (base 00007fff28060000) - 'advapi32.dll'
722. e9c10.e9d08: 00007fff28103000-00007fff2810bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\advapi32.dll
723. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28103000 LB 0x9000 (base 00007fff28060000) - 'advapi32.dll'
724. e9c10.e9d08: 00007fff2810c000-00007fff2811ffff 0x0001/0x0000 0x0000000
725. e9c10.e9d08: *00007fff28120000-00007fff28121fff 0x0020/0x0040 0x0020000 !!
726. e9c10.e9d08: 00007fff28122000-00007fff28123fff 0x0004/0x0040 0x0020000
727. e9c10.e9d08: 00007fff28124000-00007fff2812ffff 0x0001/0x0000 0x0000000
728. e9c10.e9d08: *00007fff28130000-00007fff28130fff 0x0020/0x0040 0x0020000 !!
729. e9c10.e9d08: 00007fff28131000-00007fff28131fff 0x0004/0x0040 0x0020000
730. e9c10.e9d08: 00007fff28132000-00007fff28138fff 0x0000/0x0040 0x0020000
731. e9c10.e9d08: 00007fff28139000-00007fff2813ffff 0x0001/0x0000 0x0000000
732. e9c10.e9d08: *00007fff28140000-00007fff28141fff 0x0020/0x0040 0x0020000 !!
733. e9c10.e9d08: 00007fff28142000-00007fff28143fff 0x0004/0x0040 0x0020000
734. e9c10.e9d08: 00007fff28144000-00007fff2814ffff 0x0001/0x0000 0x0000000
735. e9c10.e9d08: *00007fff28150000-00007fff28150fff 0x0020/0x0040 0x0020000 !!
736. e9c10.e9d08: 00007fff28151000-00007fff28151fff 0x0004/0x0040 0x0020000
737. e9c10.e9d08: 00007fff28152000-00007fff28155fff 0x0000/0x0040 0x0020000
738. e9c10.e9d08: 00007fff28156000-00007fff283fffff 0x0001/0x0000 0x0000000
739. e9c10.e9d08: *00007fff28400000-00007fff28400fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ole32.dll
740. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28400000 LB 0x1000 (base 00007fff28400000) - 'ole32.dll'
741. e9c10.e9d08: 00007fff28401000-00007fff284ccfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ole32.dll
742. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28401000 LB 0xcc000 (base 00007fff28400000) - 'ole32.dll'
743. e9c10.e9d08: 00007fff284cd000-00007fff284fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ole32.dll
744. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff284cd000 LB 0x32000 (base 00007fff28400000) - 'ole32.dll'
745. e9c10.e9d08: 00007fff284ff000-00007fff28500fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ole32.dll
746. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff284ff000 LB 0x2000 (base 00007fff28400000) - 'ole32.dll'
747. e9c10.e9d08: 00007fff28501000-00007fff28501fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ole32.dll
748. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28501000 LB 0x1000 (base 00007fff28400000) - 'ole32.dll'
749. e9c10.e9d08: 00007fff28502000-00007fff28529fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ole32.dll
750. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff28502000 LB 0x28000 (base 00007fff28400000) - 'ole32.dll'
751. e9c10.e9d08: 00007fff2852a000-00007fff2853ffff 0x0001/0x0000 0x0000000
752. e9c10.e9d08: *00007fff28540000-00007fff28541fff 0x0020/0x0040 0x0020000 !!
753. e9c10.e9d08: 00007fff28542000-00007fff28543fff 0x0004/0x0040 0x0020000
754. e9c10.e9d08: 00007fff28544000-00007fff2854ffff 0x0001/0x0000 0x0000000
755. e9c10.e9d08: *00007fff28550000-00007fff28550fff 0x0020/0x0040 0x0020000 !!
756. e9c10.e9d08: 00007fff28551000-00007fff28551fff 0x0004/0x0040 0x0020000
757. e9c10.e9d08: 00007fff28552000-00007fff28556fff 0x0000/0x0040 0x0020000
758. e9c10.e9d08: 00007fff28557000-00007fff2855ffff 0x0001/0x0000 0x0000000
759. e9c10.e9d08: *00007fff28560000-00007fff28561fff 0x0020/0x0040 0x0020000 !!
760. e9c10.e9d08: 00007fff28562000-00007fff28563fff 0x0004/0x0040 0x0020000
761. e9c10.e9d08: 00007fff28564000-00007fff2856ffff 0x0001/0x0000 0x0000000
762. e9c10.e9d08: *00007fff28570000-00007fff28570fff 0x0020/0x0040 0x0020000 !!
763. e9c10.e9d08: 00007fff28571000-00007fff28571fff 0x0004/0x0040 0x0020000
764. e9c10.e9d08: 00007fff28572000-00007fff287fffff 0x0001/0x0000 0x0000000
765. e9c10.e9d08: *00007fff28800000-00007fff28800fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\user32.dll
766. e9c10.e9d08: 00007fff28801000-00007fff28891fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\user32.dll
767. e9c10.e9d08: 00007fff28892000-00007fff288b2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\user32.dll
768. e9c10.e9d08: 00007fff288b3000-00007fff288b4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\user32.dll
769. e9c10.e9d08: 00007fff288b5000-00007fff289a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\user32.dll
770. e9c10.e9d08: 00007fff289a1000-00007fff289bffff 0x0001/0x0000 0x0000000
771. e9c10.e9d08: *00007fff289c0000-00007fff289c1fff 0x0020/0x0040 0x0020000 !!
772. e9c10.e9d08: 00007fff289c2000-00007fff289c3fff 0x0004/0x0040 0x0020000
773. e9c10.e9d08: 00007fff289c4000-00007fff289cffff 0x0001/0x0000 0x0000000
774. e9c10.e9d08: *00007fff289d0000-00007fff289d0fff 0x0020/0x0040 0x0020000 !!
775. e9c10.e9d08: 00007fff289d1000-00007fff289d1fff 0x0004/0x0040 0x0020000
776. e9c10.e9d08: 00007fff289d2000-00007fff289dffff 0x0001/0x0000 0x0000000
777. e9c10.e9d08: *00007fff289e0000-00007fff289e1fff 0x0020/0x0040 0x0020000 !!
778. e9c10.e9d08: 00007fff289e2000-00007fff289e3fff 0x0004/0x0040 0x0020000
779. e9c10.e9d08: 00007fff289e4000-00007fff289effff 0x0001/0x0000 0x0000000
780. e9c10.e9d08: *00007fff289f0000-00007fff289f0fff 0x0020/0x0040 0x0020000 !!
781. e9c10.e9d08: 00007fff289f1000-00007fff289f1fff 0x0004/0x0040 0x0020000
782. e9c10.e9d08: 00007fff289f2000-00007fff289fcfff 0x0000/0x0040 0x0020000
783. e9c10.e9d08: 00007fff289fd000-00007fff2917ffff 0x0001/0x0000 0x0000000
784. e9c10.e9d08: *00007fff29180000-00007fff29180fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rpcrt4.dll
785. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff29180000 LB 0x1000 (base 00007fff29180000) - 'rpcrt4.dll'
786. e9c10.e9d08: 00007fff29181000-00007fff29266fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rpcrt4.dll
787. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff29181000 LB 0xe6000 (base 00007fff29180000) - 'rpcrt4.dll'
788. e9c10.e9d08: 00007fff29267000-00007fff29292fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rpcrt4.dll
789. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff29267000 LB 0x2c000 (base 00007fff29180000) - 'rpcrt4.dll'
790. e9c10.e9d08: 00007fff29293000-00007fff29294fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rpcrt4.dll
791. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff29293000 LB 0x2000 (base 00007fff29180000) - 'rpcrt4.dll'
792. e9c10.e9d08: 00007fff29295000-00007fff292a9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\rpcrt4.dll
793. e9c10.e9d08: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007fff29295000 LB 0x15000 (base 00007fff29180000) - 'rpcrt4.dll'
794. e9c10.e9d08: 00007fff292aa000-00007fff2976ffff 0x0001/0x0000 0x0000000
795. e9c10.e9d08: *00007fff29770000-00007fff29770fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
796. e9c10.e9d08: 00007fff29771000-00007fff2988bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
797. e9c10.e9d08: 00007fff2988c000-00007fff298d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
798. e9c10.e9d08: 00007fff298d4000-00007fff298d4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
799. e9c10.e9d08: 00007fff298d5000-00007fff298d6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
800. e9c10.e9d08: 00007fff298d7000-00007fff298dffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
801. e9c10.e9d08: 00007fff298e0000-00007fff29964fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
802. e9c10.e9d08: 00007fff29965000-00007fff2996ffff 0x0001/0x0000 0x0000000
803. e9c10.e9d08: *00007fff29970000-00007fff29970fff 0x0020/0x0004 0x0020000 !!
804. e9c10.e9d08: 00007fff29971000-00007fff29971fff 0x0004/0x0004 0x0020000
805. e9c10.e9d08: 00007fff29972000-00007fff2998ffff 0x0001/0x0000 0x0000000
806. e9c10.e9d08: *00007fff29990000-00007fff29991fff 0x0020/0x0040 0x0020000 !!
807. e9c10.e9d08: 00007fff29992000-00007fff29993fff 0x0004/0x0040 0x0020000
808. e9c10.e9d08: 00007fff29994000-00007fff2999ffff 0x0001/0x0000 0x0000000
809. e9c10.e9d08: *00007fff299a0000-00007fff299a0fff 0x0020/0x0040 0x0020000 !!
810. e9c10.e9d08: 00007fff299a1000-00007fff299a1fff 0x0004/0x0040 0x0020000
811. e9c10.e9d08: 00007fff299a2000-00007ffffffeffff 0x0001/0x0000 0x0000000
812. e9c10.e9d08: user32.dll: timestamp 0x32ff40c (rc=VINF_SUCCESS)
813. e9c10.e9d08: kernel32.dll: timestamp 0x871fae9 (rc=VINF_SUCCESS)
814. e9c10.e9d08: kernelbase.dll: timestamp 0xc9db1934 (rc=VINF_SUCCESS)
815. e9c10.e9d08: apphelp.dll: timestamp 0xdc01baa3 (rc=VINF_SUCCESS)
816. e9c10.e9d08: VirtualBoxVM.exe: timestamp 0x619bb44c (rc=VINF_SUCCESS)
817. e9c10.e9d08: \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
818. e9c10.e9d08: '\Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
819. e9c10.e9d08: '\Device\HarddiskVolume12\Windows\System32\ntdll.dll' has no imports
820. e9c10.e9d08: ntdll.dll: Differences in section #1 (.text) between file and memory:
821. e9c10.e9d08: 00007fff29780380 / 0x0010380: 48 != e9
822. e9c10.e9d08: 00007fff29780381 / 0x0010381: 89 != 33
823. e9c10.e9d08: 00007fff29780382 / 0x0010382: 5c != 00
824. e9c10.e9d08: 00007fff29780383 / 0x0010383: 24 != c8
825. e9c10.e9d08: 00007fff29780384 / 0x0010384: 08 != bd
826. e9c10.e9d08: Restored 0x2000 bytes of original file content at 00007fff2977f000
827. e9c10.e9d08: ntdll.dll: Differences in section #1 (.text) between file and memory:
828. e9c10.e9d08: 00007fff2980ce43 / 0x009ce43: b8 != e9
829. e9c10.e9d08: 00007fff2980ce44 / 0x009ce44: 07 != db
830. e9c10.e9d08: 00007fff2980ce45 / 0x009ce45: 00 != d0
831. e9c10.e9d08: 00007fff2980ce46 / 0x009ce46: 00 != 07
832. e9c10.e9d08: 00007fff2980cf03 / 0x009cf03: b8 != e9
833. e9c10.e9d08: 00007fff2980cf04 / 0x009cf04: 0d != 1f
834. e9c10.e9d08: 00007fff2980cf05 / 0x009cf05: 00 != d0
835. e9c10.e9d08: 00007fff2980cf06 / 0x009cf06: 00 != 07
836. e9c10.e9d08: 00007fff2980d063 / 0x009d063: b8 != e9
837. e9c10.e9d08: 00007fff2980d064 / 0x009d064: 18 != c5
838. e9c10.e9d08: 00007fff2980d065 / 0x009d065: 00 != ce
839. e9c10.e9d08: 00007fff2980d066 / 0x009d066: 00 != 07
840. e9c10.e9d08: 00007fff2980d0e3 / 0x009d0e3: b8 != e9
841. e9c10.e9d08: 00007fff2980d0e4 / 0x009d0e4: 1c != 3e
842. e9c10.e9d08: 00007fff2980d0e5 / 0x009d0e5: 00 != ce
843. e9c10.e9d08: 00007fff2980d0e6 / 0x009d0e6: 00 != 07
844. e9c10.e9d08: 00007fff2980d203 / 0x009d203: b8 != e9
845. e9c10.e9d08: 00007fff2980d204 / 0x009d204: 25 != 20
846. e9c10.e9d08: 00007fff2980d205 / 0x009d205: 00 != cd
847. e9c10.e9d08: 00007fff2980d206 / 0x009d206: 00 != 07
848. e9c10.e9d08: 00007fff2980d240 / 0x009d240: 4c != e9
849. e9c10.e9d08: 00007fff2980d241 / 0x009d241: 8b != b3
850. e9c10.e9d08: 00007fff2980d242 / 0x009d242: d1 != 39
851. e9c10.e9d08: 00007fff2980d243 / 0x009d243: b8 != bf
852. e9c10.e9d08: 00007fff2980d244 / 0x009d244: 27 != bd
853. e9c10.e9d08: 00007fff2980d245 / 0x009d245: 00 != cc
854. e9c10.e9d08: 00007fff2980d246 / 0x009d246: 00 != cc
855. e9c10.e9d08: 00007fff2980d247 / 0x009d247: 00 != cc
856. e9c10.e9d08: 00007fff2980d263 / 0x009d263: b8 != e9
857. e9c10.e9d08: 00007fff2980d264 / 0x009d264: 28 != cb
858. e9c10.e9d08: 00007fff2980d265 / 0x009d265: 00 != cc
859. e9c10.e9d08: 00007fff2980d266 / 0x009d266: 00 != 07
860. e9c10.e9d08: 00007fff2980d2a3 / 0x009d2a3: b8 != e9
861. e9c10.e9d08: 00007fff2980d2a4 / 0x009d2a4: 2a != 8a
862. e9c10.e9d08: 00007fff2980d2a5 / 0x009d2a5: 00 != cc
863. e9c10.e9d08: 00007fff2980d2a6 / 0x009d2a6: 00 != 07
864. e9c10.e9d08: 00007fff2980d3c0 / 0x009d3c0: 4c != e9
865. e9c10.e9d08: 00007fff2980d3c1 / 0x009d3c1: 8b != 73
866. e9c10.e9d08: 00007fff2980d3c2 / 0x009d3c2: d1 != 37
867. e9c10.e9d08: 00007fff2980d3c3 / 0x009d3c3: b8 != bf
868. e9c10.e9d08: 00007fff2980d3c4 / 0x009d3c4: 33 != bd
869. e9c10.e9d08: 00007fff2980d3c5 / 0x009d3c5: 00 != cc
870. e9c10.e9d08: 00007fff2980d3c6 / 0x009d3c6: 00 != cc
871. e9c10.e9d08: 00007fff2980d3c7 / 0x009d3c7: 00 != cc
872. e9c10.e9d08: 00007fff2980d4a3 / 0x009d4a3: b8 != e9
873. e9c10.e9d08: 00007fff2980d4a4 / 0x009d4a4: 3a != 82
874. e9c10.e9d08: 00007fff2980d4a5 / 0x009d4a5: 00 != ca
875. e9c10.e9d08: 00007fff2980d4a6 / 0x009d4a6: 00 != 07
876. e9c10.e9d08: 00007fff2980d543 / 0x009d543: b8 != e9
877. e9c10.e9d08: 00007fff2980d544 / 0x009d544: 3f != e3
878. e9c10.e9d08: 00007fff2980d545 / 0x009d545: 00 != c9
879. e9c10.e9d08: 00007fff2980d546 / 0x009d546: 00 != 07
880. e9c10.e9d08: 00007fff2980d603 / 0x009d603: b8 != e9
881. e9c10.e9d08: 00007fff2980d604 / 0x009d604: 45 != 1d
882. e9c10.e9d08: 00007fff2980d605 / 0x009d605: 00 != c9
883. e9c10.e9d08: 00007fff2980d606 / 0x009d606: 00 != 07
884. e9c10.e9d08: 00007fff2980d763 / 0x009d763: b8 != e9
885. e9c10.e9d08: 00007fff2980d764 / 0x009d764: 50 != c4
886. e9c10.e9d08: 00007fff2980d765 / 0x009d765: 00 != c7
887. e9c10.e9d08: 00007fff2980d766 / 0x009d766: 00 != 07
888. e9c10.e9d08: 00007fff2980d7a3 / 0x009d7a3: b8 != e9
889. e9c10.e9d08: 00007fff2980d7a4 / 0x009d7a4: 52 != 86
890. e9c10.e9d08: 00007fff2980d7a5 / 0x009d7a5: 00 != c7
891. e9c10.e9d08: 00007fff2980d7a6 / 0x009d7a6: 00 != 07
892. e9c10.e9d08: 00007fff2980d800 / 0x009d800: 4c != e9
893. e9c10.e9d08: 00007fff2980d801 / 0x009d801: 8b != d3
894. e9c10.e9d08: 00007fff2980d802 / 0x009d802: d1 != 32
895. e9c10.e9d08: 00007fff2980d803 / 0x009d803: b8 != bf
896. e9c10.e9d08: 00007fff2980d804 / 0x009d804: 55 != bd
897. e9c10.e9d08: 00007fff2980d805 / 0x009d805: 00 != cc
898. e9c10.e9d08: 00007fff2980d806 / 0x009d806: 00 != cc
899. e9c10.e9d08: 00007fff2980d807 / 0x009d807: 00 != cc
900. e9c10.e9d08: 00007fff2980dc13 / 0x009dc13: b8 != e9
901. e9c10.e9d08: 00007fff2980dc14 / 0x009dc14: 76 != 09
902. e9c10.e9d08: 00007fff2980dc15 / 0x009dc15: 00 != c3
903. e9c10.e9d08: 00007fff2980dc16 / 0x009dc16: 00 != 07
904. e9c10.e9d08: 00007fff2980e3b3 / 0x009e3b3: b8 != e9
905. e9c10.e9d08: 00007fff2980e3b4 / 0x009e3b4: b3 != 67
906. e9c10.e9d08: 00007fff2980e3b5 / 0x009e3b5: 00 != bb
907. e9c10.e9d08: 00007fff2980e3b6 / 0x009e3b6: 00 != 07
908. e9c10.e9d08: 00007fff2980e570 / 0x009e570: 4c != e9
909. e9c10.e9d08: 00007fff2980e571 / 0x009e571: 8b != c3
910. e9c10.e9d08: 00007fff2980e572 / 0x009e572: d1 != 1c
911. e9c10.e9d08: 00007fff2980e573 / 0x009e573: b8 != bf
912. e9c10.e9d08: 00007fff2980e574 / 0x009e574: c1 != bd
913. e9c10.e9d08: 00007fff2980e575 / 0x009e575: 00 != cc
914. e9c10.e9d08: 00007fff2980e576 / 0x009e576: 00 != cc
915. e9c10.e9d08: 00007fff2980e577 / 0x009e577: 00 != cc
916. e9c10.e9d08: 00007fff2980e790 / 0x009e790: 4c != e9
917. e9c10.e9d08: 00007fff2980e791 / 0x009e791: 8b != 03
918. e9c10.e9d08: 00007fff2980e792 / 0x009e792: d1 != 24
919. e9c10.e9d08: 00007fff2980e793 / 0x009e793: b8 != bf
920. e9c10.e9d08: 00007fff2980e794 / 0x009e794: d2 != bd
921. e9c10.e9d08: 00007fff2980e795 / 0x009e795: 00 != cc
922. e9c10.e9d08: 00007fff2980e796 / 0x009e796: 00 != cc
923. e9c10.e9d08: 00007fff2980e797 / 0x009e797: 00 != cc
924. e9c10.e9d08: Restored 0x2000 bytes of original file content at 00007fff2980cb0e
925. e9c10.e9d08: ntdll.dll: Differences in section #1 (.text) between file and memory:
926. e9c10.e9d08: 00007fff2980eb93 / 0x009eb93: b8 != e9
927. e9c10.e9d08: 00007fff2980eb94 / 0x009eb94: f2 != 99
928. e9c10.e9d08: 00007fff2980eb95 / 0x009eb95: 00 != b3
929. e9c10.e9d08: 00007fff2980eb96 / 0x009eb96: 00 != 07
930. e9c10.e9d08: 00007fff2980efd3 / 0x009efd3: b8 != e9
931. e9c10.e9d08: 00007fff2980efd4 / 0x009efd4: 14 != 48
932. e9c10.e9d08: 00007fff2980efd5 / 0x009efd5: 01 != af
933. e9c10.e9d08: 00007fff2980efd6 / 0x009efd6: 00 != 07
934. e9c10.e9d08: 00007fff2980f9f3 / 0x009f9f3: b8 != e9
935. e9c10.e9d08: 00007fff2980f9f4 / 0x009f9f4: 65 != 2c
936. e9c10.e9d08: 00007fff2980f9f5 / 0x009f9f5: 01 != a5
937. e9c10.e9d08: 00007fff2980f9f6 / 0x009f9f6: 00 != 07
938. e9c10.e9d08: 00007fff2980feb3 / 0x009feb3: b8 != e9
939. e9c10.e9d08: 00007fff2980feb4 / 0x009feb4: 8b != 78
940. e9c10.e9d08: 00007fff2980feb5 / 0x009feb5: 01 != a0
941. e9c10.e9d08: 00007fff2980feb6 / 0x009feb6: 00 != 07
942. e9c10.e9d08: 00007fff29810230 / 0x00a0230: 4c != e9
943. e9c10.e9d08: 00007fff29810231 / 0x00a0231: 8b != 23
944. e9c10.e9d08: 00007fff29810232 / 0x00a0232: d1 != 0a
945. e9c10.e9d08: 00007fff29810233 / 0x00a0233: b8 != bf
946. e9c10.e9d08: 00007fff29810234 / 0x00a0234: a7 != bd
947. e9c10.e9d08: 00007fff29810235 / 0x00a0235: 01 != cc
948. e9c10.e9d08: 00007fff29810236 / 0x00a0236: 00 != cc
949. e9c10.e9d08: 00007fff29810237 / 0x00a0237: 00 != cc
950. e9c10.e9d08: 00007fff298104d3 / 0x00a04d3: b8 != e9
951. e9c10.e9d08: 00007fff298104d4 / 0x00a04d4: bc != 57
952. e9c10.e9d08: 00007fff298104d5 / 0x00a04d5: 01 != 9a
953. e9c10.e9d08: 00007fff298104d6 / 0x00a04d6: 00 != 07
954. e9c10.e9d08: 00007fff298106d3 / 0x00a06d3: b8 != e9
955. e9c10.e9d08: 00007fff298106d4 / 0x00a06d4: cc != 51
956. e9c10.e9d08: 00007fff298106d5 / 0x00a06d5: 01 != 98
957. e9c10.e9d08: 00007fff298106d6 / 0x00a06d6: 00 != 07
958. e9c10.e9d08: Restored 0x1f62 bytes of original file content at 00007fff2980eb0e
959. e9c10.e9d08: ntdll.dll: Differences in section #1 (.text) between file and memory:
960. e9c10.e9d08: 00007fff29889f1f / 0x0119f1f: 00 != 51
961. e9c10.e9d08: 00007fff29889f20 / 0x0119f20: 00 != 51
962. e9c10.e9d08: 00007fff29889f21 / 0x0119f21: 00 != 51
963. e9c10.e9d08: 00007fff29889f22 / 0x0119f22: 00 != 51
964. e9c10.e9d08: 00007fff29889f23 / 0x0119f23: 00 != 51
965. e9c10.e9d08: 00007fff29889f24 / 0x0119f24: 00 != 51
966. e9c10.e9d08: 00007fff29889f25 / 0x0119f25: 00 != 51
967. e9c10.e9d08: 00007fff29889f26 / 0x0119f26: 00 != 51
968. e9c10.e9d08: 00007fff29889f27 / 0x0119f27: 00 != 51
969. e9c10.e9d08: 00007fff29889f28 / 0x0119f28: 00 != 51
970. e9c10.e9d08: 00007fff29889f29 / 0x0119f29: 00 != 51
971. e9c10.e9d08: 00007fff29889f2a / 0x0119f2a: 00 != 51
972. e9c10.e9d08: 00007fff29889f2b / 0x0119f2b: 00 != 51
973. e9c10.e9d08: 00007fff29889f2c / 0x0119f2c: 00 != 51
974. e9c10.e9d08: 00007fff29889f2d / 0x0119f2d: 00 != 51
975. e9c10.e9d08: 00007fff29889f2e / 0x0119f2e: 00 != 51
976. e9c10.e9d08: 00007fff29889f2f / 0x0119f2f: 00 != 51
977. e9c10.e9d08: 00007fff29889f30 / 0x0119f30: 00 != 51
978. e9c10.e9d08: 00007fff29889f31 / 0x0119f31: 00 != 51
979. e9c10.e9d08: 00007fff29889f32 / 0x0119f32: 00 != 51
980. e9c10.e9d08: 00007fff29889f33 / 0x0119f33: 00 != ff
981. e9c10.e9d08: 00007fff29889f34 / 0x0119f34: 00 != 25
982. e9c10.e9d08: 00007fff29889f3a / 0x0119f3a: 00 != 89
983. e9c10.e9d08: 00007fff29889f3b / 0x0119f3b: 00 != b5
984. e9c10.e9d08: 00007fff29889f3c / 0x0119f3c: 00 != 02
985. e9c10.e9d08: Restored 0xe2 bytes of original file content at 00007fff29889f1e
986. e9c10.e9d08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
987. e9c10.e9d08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
988. e9c10.e9d08: supHardNtVpGetImport: Failed to find symbol 0xffffffff / 'NtUserTestForInteractiveUser' in 'win32u.dll': Unknown Status -610 (0xfffffd9e)
989. e9c10.e9d08: Error (rc=-5629):
990. e9c10.e9d08: RTLdrGetBits failed on image user32.dll: Unknown Status -610 (0xfffffd9e)
991. e9c10.e9d08: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> Unknown Status -5629 (0xffffea03), cFixes=4
992. e9c10.e9d08: \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
993. e9c10.e9d08: '\Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
994. e9c10.e9d08: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
995. e9c10.e9d08: supR3HardNtEnableThreadCreationEx:
996. e9c10.e9d08: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff297e4b00 pvNtTerminateThread=00007fff2980d7c0
997. e9c10.e9d08: supR3HardenedWinDoReSpawn(1): New child ec9c0.ec9b0 [kernel32].
998. e9c10.e9d08: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
999. e9c10.e9d08: supR3HardNtChildGatherData: PebBaseAddress=0000000000c6c000 cbPeb=0x388
1000. e9c10.e9d08: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fff29770000 uNtDllChildAddr=00007fff29770000
1001. e9c10.e9d08: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fff297e4b00
1002. e9c10.e9d08: supR3HardenedWinSetupChildInit: Initial context:
1003. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff7967d7900 rdx=0000000000c6c000
1004. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
1005. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
1006. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
1007. rip=00007fff297c2630 rsp=0000000000effbd8 rbp=0000000000000000 ctxflags=0010001b
1008. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
1009. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
1010. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
1011. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
1012. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
1013. e9c10.e9d08: supR3HardenedWinSetupChildInit: Start child.
1014. e9c10.e9d08: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 2 ms.
1015. e9c10.e9d08: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 59 sleeps
1016. e9c10.e9d08: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1017. e9c10.e9d08: *0000000000000000-0000000000acffff 0x0001/0x0000 0x0000000
1018. e9c10.e9d08: *0000000000ad0000-0000000000aeffff 0x0004/0x0004 0x0020000
1019. e9c10.e9d08: *0000000000af0000-0000000000b0cfff 0x0002/0x0002 0x0040000
1020. e9c10.e9d08: 0000000000b0d000-0000000000b0ffff 0x0001/0x0000 0x0000000
1021. e9c10.e9d08: *0000000000b10000-0000000000b13fff 0x0002/0x0002 0x0040000
1022. e9c10.e9d08: 0000000000b14000-0000000000b1ffff 0x0001/0x0000 0x0000000
1023. e9c10.e9d08: *0000000000b20000-0000000000b21fff 0x0004/0x0004 0x0020000
1024. e9c10.e9d08: 0000000000b22000-0000000000b2ffff 0x0001/0x0000 0x0000000
1025. e9c10.e9d08: *0000000000b30000-0000000000b30fff 0x0004/0x0004 0x0020000
1026. e9c10.e9d08: 0000000000b31000-0000000000bfffff 0x0001/0x0000 0x0000000
1027. e9c10.e9d08: *0000000000c00000-0000000000c6bfff 0x0000/0x0004 0x0020000
1028. e9c10.e9d08: 0000000000c6c000-0000000000c6efff 0x0004/0x0004 0x0020000
1029. e9c10.e9d08: 0000000000c6f000-0000000000dfffff 0x0000/0x0004 0x0020000
1030. e9c10.e9d08: *0000000000e00000-0000000000efafff 0x0000/0x0004 0x0020000
1031. e9c10.e9d08: 0000000000efb000-0000000000efdfff 0x0104/0x0004 0x0020000
1032. e9c10.e9d08: 0000000000efe000-0000000000efffff 0x0004/0x0004 0x0020000
1033. e9c10.e9d08: 0000000000f00000-000000007ffdffff 0x0001/0x0000 0x0000000
1034. e9c10.e9d08: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
1035. e9c10.e9d08: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
1036. e9c10.e9d08: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
1037. e9c10.e9d08: 000000007ffea000-00007ff5f811ffff 0x0001/0x0000 0x0000000
1038. e9c10.e9d08: *00007ff5f8120000-00007ff5f8120fff 0x0002/0x0002 0x0040000
1039. e9c10.e9d08: 00007ff5f8121000-00007ff5f812ffff 0x0001/0x0000 0x0000000
1040. e9c10.e9d08: *00007ff5f8130000-00007ff5f8152fff 0x0002/0x0002 0x0040000
1041. e9c10.e9d08: 00007ff5f8153000-00007ff7967cffff 0x0001/0x0000 0x0000000
1042. e9c10.e9d08: *00007ff7967d0000-00007ff7967d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1043. e9c10.e9d08: 00007ff7967d1000-00007ff796847fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1044. e9c10.e9d08: 00007ff796848000-00007ff796848fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1045. e9c10.e9d08: 00007ff796849000-00007ff796891fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1046. e9c10.e9d08: 00007ff796892000-00007ff796892fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1047. e9c10.e9d08: 00007ff796893000-00007ff796893fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1048. e9c10.e9d08: 00007ff796894000-00007ff796898fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1049. e9c10.e9d08: 00007ff796899000-00007ff796899fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1050. e9c10.e9d08: 00007ff79689a000-00007ff79689afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1051. e9c10.e9d08: 00007ff79689b000-00007ff79689efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1052. e9c10.e9d08: 00007ff79689f000-00007ff7968e7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1053. e9c10.e9d08: 00007ff7968e8000-00007fff2976ffff 0x0001/0x0000 0x0000000
1054. e9c10.e9d08: *00007fff29770000-00007fff29770fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1055. e9c10.e9d08: 00007fff29771000-00007fff2988bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1056. e9c10.e9d08: 00007fff2988c000-00007fff298d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1057. e9c10.e9d08: 00007fff298d4000-00007fff298dffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1058. e9c10.e9d08: 00007fff298e0000-00007fff298eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1059. e9c10.e9d08: 00007fff298ef000-00007fff298effff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1060. e9c10.e9d08: 00007fff298f0000-00007fff298f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1061. e9c10.e9d08: 00007fff298f3000-00007fff29964fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume12\Windows\System32\ntdll.dll
1062. e9c10.e9d08: 00007fff29965000-00007fff2996ffff 0x0001/0x0000 0x0000000
1063. e9c10.e9d08: *00007fff29970000-00007fff29970fff 0x0020/0x0004 0x0020000 !!
1064. e9c10.e9d08: supHardNtVpFreeOrReplacePrivateExecMemory: Replacing exec mem at 00007fff29970000 (LB 0x2000, 00007fff29970000 LB 0x1000)
1065. e9c10.e9d08: 0000000003ae4170/0000: 48 b8 50 05 81 29 ff 7f-00 00 50 51 52 41 50 41 H.P..)....PQRAPA
1066. 0000000003ae4180/0010: 51 48 83 ec 28 48 b9 00-00 97 29 ff 7f 00 00 48 QH..(H....)....H
1067. 0000000003ae4190/0020: ba 8c 02 97 29 ff 7f 00-00 ff e2 6d 63 49 4c 00 ....)......mcIL.
1068. 0000000003ae41a0/0030: 00 00 00 00 00 00 00 50-05 81 29 ff 7f 00 00 4c .......P..)....L
1069. 0000000003ae41b0/0040: 8b d1 b8 c0 c0 00 c2 00-00 00 00 00 54 00 97 29 ............T..)
1070. 0000000003ae41c0/0050: ff 7f 00 00 43 00 3a 00-5c 00 50 00 72 00 6f 00 ....C.:.\.P.r.o.
1071. 0000000003ae41d0/0060: 67 00 72 00 61 00 6d 00-20 00 46 00 69 00 6c 00 g.r.a.m. .F.i.l.
1072. 0000000003ae41e0/0070: 65 00 73 00 5c 00 57 00-69 00 6e 00 64 00 6f 00 e.s.\.W.i.n.d.o.
1073. 0000000003ae41f0/0080: 77 00 73 00 20 00 45 00-76 00 65 00 6e 00 74 00 w.s. .E.v.e.n.t.
1074. 0000000003ae4200/0090: 20 00 52 00 65 00 70 00-6f 00 72 00 74 00 69 00 .R.e.p.o.r.t.i.
1075. 0000000003ae4210/00a0: 6e 00 67 00 5c 00 43 00-6f 00 72 00 65 00 5c 00 n.g.\.C.o.r.e.\.
1076. 0000000003ae4220/00b0: 45 00 76 00 65 00 6e 00-74 00 52 00 65 00 70 00 E.v.e.n.t.R.e.p.
1077. 0000000003ae4230/00c0: 6f 00 72 00 74 00 69 00-6e 00 67 00 2e 00 41 00 o.r.t.i.n.g...A.
1078. 0000000003ae4240/00d0: 70 00 70 00 6c 00 69 00-63 00 61 00 74 00 69 00 p.p.l.i.c.a.t.i.
1079. 0000000003ae4250/00e0: 6f 00 6e 00 46 00 69 00-6c 00 74 00 65 00 72 00 o.n.F.i.l.t.e.r.
1080. 0000000003ae4260/00f0: 2e 00 4d 00 6f 00 6e 00-69 00 74 00 6f 00 72 00 ..M.o.n.i.t.o.r.
1081. e9c10.e9d08: 0000000003ae4270/0000: 2e 00 57 00 69 00 6e 00-36 00 34 00 2e 00 64 00 ..W.i.n.6.4...d.
1082. 0000000003ae4280/0010: 6c 00 6c 00 00 00 00 00-00 00 00 00 00 00 00 00 l.l.............
1083. 0000000003ae4290/0020: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1084. **************** **** <ditto x 12>
1085. 0000000003ae4360/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1086. e9c10.e9d08: 0000000003ae4370/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1087. **************** **** <ditto x 4>
1088. 0000000003ae43c0/0050: 00 00 00 00 00 00 00 00-00 00 00 00 60 d7 80 29 ............`..)
1089. 0000000003ae43d0/0060: ff 7f 00 00 10 6a 78 29-ff 7f 00 00 60 d0 80 29 .....jx)....`..)
1090. 0000000003ae43e0/0070: ff 7f 00 00 20 d1 80 29-ff 7f 00 00 20 d4 80 29 .... ..).... ..)
1091. 0000000003ae43f0/0080: ff 7f 00 00 e0 d3 80 29-ff 7f 00 00 83 b9 00 10 .......)........
1092. 0000000003ae4400/0090: 00 00 00 74 2b 48 83 c4-28 41 59 41 58 5a 59 58 ...t+H..(AYAXZYX
1093. 0000000003ae4410/00a0: 4c 8b d1 b8 c0 01 00 00-f6 04 25 08 03 fe 7f 01 L.........%.....
1094. 0000000003ae4420/00b0: 75 03 0f 05 c3 cd 2e c3-0f 1f 84 00 00 00 00 00 u...............
1095. 0000000003ae4430/00c0: 4c 8b dc 53 55 56 57 41-56 41 57 48 83 ec 58 65 L..SUVWAVAWH..Xe
1096. 0000000003ae4440/00d0: 48 8b 04 25 30 00 00 00-33 ff 49 83 ce ff 8b 70 H..%0...3.I....p
1097. 0000000003ae4450/00e0: 40 8b 68 48 48 8b 81 7c-02 00 00 48 85 c0 48 8b @.hHH..|...H..H.
1098. 0000000003ae4460/00f0: d9 44 8d 7f 05 0f 84 0d-01 00 00 41 21 7b 08 4d .D.........A!{.M
1099. e9c10.e9d08: 0000000003ae4470/0000: 8d 4b 08 45 33 c0 33 d2-41 8b cf ff d0 8b 84 24 .K.E3.3.A......$
1100. 0000000003ae4480/0010: 90 00 00 00 85 c0 0f 84-ec 00 00 00 48 21 bc 24 ............H!.$
1101. 0000000003ae4490/0020: a8 00 00 00 8d 0c 00 4c-8d 8c 24 a0 00 00 00 48 .......L..$....H
1102. 0000000003ae44a0/0030: 89 8c 24 a0 00 00 00 48-8d 94 24 a8 00 00 00 45 ..$....H..$....E
1103. 0000000003ae44b0/0040: 33 c0 49 8b ce c7 44 24-28 04 00 00 00 c7 44 24 3.I...D$(.....D$
1104. 0000000003ae44c0/0050: 20 00 10 00 00 ff 93 6c-02 00 00 85 c0 0f 85 a5 ......l........
1105. 0000000003ae44d0/0060: 00 00 00 44 8b 84 24 a0-00 00 00 48 8b 94 24 a8 ...D..$....H..$.
1106. 0000000003ae44e0/0070: 00 00 00 45 33 c9 41 8b-cf ff 93 7c 02 00 00 85 ...E3.A....|....
1107. 0000000003ae44f0/0080: c0 75 1f 48 8b 8c 24 a8-00 00 00 eb 09 39 39 74 .u.H..$......99t
1108. 0000000003ae4500/0090: 11 8b 01 48 03 c8 48 39-71 50 75 f1 8b b9 30 01 ...H..H9qPu...0.
1109. 0000000003ae4510/00a0: 00 00 48 83 a4 24 a0 00-00 00 00 4c 8d 84 24 a0 ..H..$.....L..$.
1110. 0000000003ae4520/00b0: 00 00 00 48 8d 94 24 a8-00 00 00 41 b9 00 80 00 ...H..$....A....
1111. 0000000003ae4530/00c0: 00 49 8b ce ff 93 74 02-00 00 85 ff 74 3a 3b fd .I....t.....t:;.
1112. 0000000003ae4540/00d0: 74 36 be 01 00 00 00 48-8b 4b 37 8a 43 3f 38 01 t6.....H.K7.C?8.
1113. 0000000003ae4550/00e0: 75 08 8b 43 40 39 41 01-74 1e 48 8d 54 24 40 33 u..C@9A.t.H.T$@3
1114. 0000000003ae4560/00f0: c9 48 c7 44 24 40 60 79-fe ff ff 93 84 02 00 00 .H.D$@`y........
1115. e9c10.e9d08: 0000000003ae4570/0000: 83 c6 01 83 fe 64 7c cf-48 8b 4b 37 8a 43 3f 38 .....d|.H.K7.C?8
1116. 0000000003ae4580/0010: 01 75 0c 8b 43 40 39 41-01 0f 84 a0 00 00 00 48 .u..C@9A.......H
1117. 0000000003ae4590/0020: 8d 84 24 98 00 00 00 48-89 4c 24 38 4c 8d 44 24 ..$....H.L$8L.D$
1118. 0000000003ae45a0/0030: 30 48 8d 54 24 38 41 b9-40 00 00 00 49 8b ce 48 0H.T$8A.@...I..H
1119. 0000000003ae45b0/0040: 89 44 24 20 4c 89 7c 24-30 ff 93 5c 02 00 00 85 .D$ L.|$0..\....
1120. 0000000003ae45c0/0050: c0 75 3e 8b 43 3f 48 8b-53 37 4c 8d 44 24 30 89 .u>.C?H.S7L.D$0.
1121. 0000000003ae45d0/0060: 02 8a 43 43 49 8b ce 88-42 04 44 8b 8c 24 98 00 ..CCI...B.D..$..
1122. 0000000003ae45e0/0070: 00 00 48 8d 84 24 98 00-00 00 48 8d 54 24 38 48 ..H..$....H.T$8H
1123. 0000000003ae45f0/0080: 89 44 24 20 4c 89 7c 24-30 ff 93 5c 02 00 00 eb .D$ L.|$0..\....
1124. 0000000003ae4600/0090: 0a c7 83 00 10 00 00 01-00 00 00 85 ff 74 04 3b .............t.;
1125. 0000000003ae4610/00a0: fd 75 1c 4c 8d 43 44 4c-8d 4c 24 30 33 d2 33 c9 .u.L.CDL.L$03.3.
1126. 0000000003ae4620/00b0: ff 93 64 02 00 00 48 8b-5b 2f 48 85 db 75 e4 48 ..d...H.[/H..u.H
1127. 0000000003ae4630/00c0: 83 c4 58 41 5f 41 5e 5f-5e 5d 5b 48 83 c4 28 41 ..XA_A^_^][H..(A
1128. 0000000003ae4640/00d0: 59 41 58 5a 59 c3 00 00-00 00 00 00 00 00 00 00 YAXZY...........
1129. 0000000003ae4650/00e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1130. 0000000003ae4660/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1131. e9c10.e9d08: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [00007fff29970000/00007fff29970000 LB 0/0x2000]
1132. e9c10.e9d08: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/00007fff29970000 LB 0xd6680000 s=0x10000 ap=0x0 rp=0x00000000000001
1133. e9c10.e9d08: Error (rc=-5673):
1134. e9c10.e9d08: NtAllocateVirtualMemory (00007fff29970000 LB 0x2000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
1135. e9c10.e9d08: Error (rc=-5645):
1136. e9c10.e9d08: Too many virtual memory regions.
1137.  
1138. e9c10.e9d08: Error (rc=-5673):
1139. e9c10.e9d08: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (00007fff29970000 LB 0x2000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
1140. [rc=-5645] Too many virtual memory regions.
1141. e9c10.e9d08: Error -5673 in supR3HardNtChildPurify! (enmWhat=5)
1142. e9c10.e9d08: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (00007fff29970000 LB 0x2000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
1143. [rc=-5645] Too many virtual memory regions.
1144. e9c10.e9d08: supR3HardNtEnableThreadCreationEx:
1145.