Untitled

a guest
Oct 21st, 2019
  1. 2bc8.3090: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047ba00
  2. 2bc8.3090: \SystemRoot\System32\ntdll.dll:
  3. 2bc8.3090: CreationTime: 2019-10-10T07:35:42.809562600Z
  4. 2bc8.3090: LastWriteTime: 2019-10-10T07:35:42.896564400Z
  5. 2bc8.3090: ChangeTime: 2019-10-10T08:44:45.104269700Z
  6. 2bc8.3090: FileAttributes: 0x20
  7. 2bc8.3090: Size: 0x1e8528
  8. 2bc8.3090: NT Headers: 0xd8
  9. 2bc8.3090: Timestamp: 0x99ca0526
  10. 2bc8.3090: Machine: 0x8664 - amd64
  11. 2bc8.3090: Timestamp: 0x99ca0526
  12. 2bc8.3090: Image Version: 10.0
  13. 2bc8.3090: SizeOfImage: 0x1f0000 (2031616)
  14. 2bc8.3090: Resource Dir: 0x17f000 LB 0x6f310
  15. 2bc8.3090: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
  16. 2bc8.3090: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
  17. 2bc8.3090: ProductName: Microsoft® Windows® Operating System
  18. 2bc8.3090: ProductVersion: 10.0.18362.418
  19. 2bc8.3090: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
  20. 2bc8.3090: FileDescription: NT Layer DLL
  21. 2bc8.3090: \SystemRoot\System32\kernel32.dll:
  22. 2bc8.3090: CreationTime: 2019-09-11T02:45:30.789012100Z
  23. 2bc8.3090: LastWriteTime: 2019-09-11T02:45:30.821013200Z
  24. 2bc8.3090: ChangeTime: 2019-10-10T07:37:48.701832000Z
  25. 2bc8.3090: FileAttributes: 0x20
  26. 2bc8.3090: Size: 0xb0570
  27. 2bc8.3090: NT Headers: 0xe8
  28. 2bc8.3090: Timestamp: 0xd0cecc10
  29. 2bc8.3090: Machine: 0x8664 - amd64
  30. 2bc8.3090: Timestamp: 0xd0cecc10
  31. 2bc8.3090: Image Version: 10.0
  32. 2bc8.3090: SizeOfImage: 0xb2000 (729088)
  33. 2bc8.3090: Resource Dir: 0xb0000 LB 0x520
  34. 2bc8.3090: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
  35. 2bc8.3090: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
  36. 2bc8.3090: ProductName: Microsoft® Windows® Operating System
  37. 2bc8.3090: ProductVersion: 10.0.18362.329
  38. 2bc8.3090: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
  39. 2bc8.3090: FileDescription: Windows NT BASE API Client DLL
  40. 2bc8.3090: \SystemRoot\System32\KernelBase.dll:
  41. 2bc8.3090: CreationTime: 2019-10-10T07:35:43.951562400Z
  42. 2bc8.3090: LastWriteTime: 2019-10-10T07:35:44.081563800Z
  43. 2bc8.3090: ChangeTime: 2019-10-10T08:44:44.440269800Z
  44. 2bc8.3090: FileAttributes: 0x20
  45. 2bc8.3090: Size: 0x2a2708
  46. 2bc8.3090: NT Headers: 0xf0
  47. 2bc8.3090: Timestamp: 0xfba22159
  48. 2bc8.3090: Machine: 0x8664 - amd64
  49. 2bc8.3090: Timestamp: 0xfba22159
  50. 2bc8.3090: Image Version: 10.0
  51. 2bc8.3090: SizeOfImage: 0x2a3000 (2764800)
  52. 2bc8.3090: Resource Dir: 0x27d000 LB 0x548
  53. 2bc8.3090: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
  54. 2bc8.3090: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
  55. 2bc8.3090: ProductName: Microsoft® Windows® Operating System
  56. 2bc8.3090: ProductVersion: 10.0.18362.418
  57. 2bc8.3090: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
  58. 2bc8.3090: FileDescription: Windows NT BASE API Client DLL
  59. 2bc8.3090: \SystemRoot\System32\apisetschema.dll:
  60. 2bc8.3090: CreationTime: 2019-03-19T04:43:54.837151500Z
  61. 2bc8.3090: LastWriteTime: 2019-03-19T04:43:54.837151500Z
  62. 2bc8.3090: ChangeTime: 2019-10-10T07:37:48.668832300Z
  63. 2bc8.3090: FileAttributes: 0x20
  64. 2bc8.3090: Size: 0x1d028
  65. 2bc8.3090: NT Headers: 0xc8
  66. 2bc8.3090: Timestamp: 0xd6ced080
  67. 2bc8.3090: Machine: 0x8664 - amd64
  68. 2bc8.3090: Timestamp: 0xd6ced080
  69. 2bc8.3090: Image Version: 10.0
  70. 2bc8.3090: SizeOfImage: 0x1e000 (122880)
  71. 2bc8.3090: Resource Dir: 0x1d000 LB 0x408
  72. 2bc8.3090: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
  73. 2bc8.3090: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
  74. 2bc8.3090: ProductName: Microsoft® Windows® Operating System
  75. 2bc8.3090: ProductVersion: 10.0.18362.1
  76. 2bc8.3090: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
  77. 2bc8.3090: FileDescription: ApiSet Schema DLL
  78. 2bc8.3090: NtOpenDirectoryObject failed on \Driver: 0xc0000022
  79. 2bc8.3090: supR3HardenedWinFindAdversaries: 0x0
  80. 2bc8.3090: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume5'
  81. 2bc8.3090: Calling main()
  82. 2bc8.3090: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
  83. 2bc8.3090: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume5'
  84. 2bc8.3090: SUPR3HardenedMain: Respawn #1
  85. 2bc8.3090: System32: \Device\HarddiskVolume5\Windows\System32
  86. 2bc8.3090: WinSxS: \Device\HarddiskVolume5\Windows\WinSxS
  87. 2bc8.3090: KnownDllPath: C:\WINDOWS\System32
  88. 2bc8.3090: supR3HardenedWinInit: Performing a limited self purification...
  89. 2bc8.3090: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
  90. 2bc8.3090: *0000000000000000-000000000089ffff 0x0001/0x0000 0x0000000
  91. 2bc8.3090: *00000000008a0000-00000000008affff 0x0004/0x0004 0x0040000
  92. 2bc8.3090: 00000000008b0000-00000000008bffff 0x0001/0x0000 0x0000000
  93. 2bc8.3090: *00000000008c0000-00000000008dafff 0x0002/0x0002 0x0040000
  94. 2bc8.3090: 00000000008db000-00000000008dffff 0x0001/0x0000 0x0000000
  95. 2bc8.3090: *00000000008e0000-0000000000998fff 0x0000/0x0004 0x0020000
  96. 2bc8.3090: 0000000000999000-000000000099bfff 0x0104/0x0004 0x0020000
  97. 2bc8.3090: 000000000099c000-00000000009dffff 0x0004/0x0004 0x0020000
  98. 2bc8.3090: *00000000009e0000-00000000009e3fff 0x0002/0x0002 0x0040000
  99. 2bc8.3090: 00000000009e4000-00000000009effff 0x0001/0x0000 0x0000000
  100. 2bc8.3090: *00000000009f0000-00000000009f1fff 0x0004/0x0004 0x0020000
  101. 2bc8.3090: 00000000009f2000-00000000009fffff 0x0001/0x0000 0x0000000
  102. 2bc8.3090: *0000000000a00000-0000000000b45fff 0x0000/0x0004 0x0020000
  103. 2bc8.3090: 0000000000b46000-0000000000b48fff 0x0004/0x0004 0x0020000
  104. 2bc8.3090: 0000000000b49000-0000000000bfffff 0x0000/0x0004 0x0020000
  105. 2bc8.3090: *0000000000c00000-0000000000cc6fff 0x0002/0x0002 0x0040000
  106. 2bc8.3090: 0000000000cc7000-0000000000ccffff 0x0001/0x0000 0x0000000
  107. 2bc8.3090: *0000000000cd0000-0000000000cd1fff 0x0004/0x0004 0x0020000
  108. 2bc8.3090: 0000000000cd2000-0000000000d01fff 0x0000/0x0004 0x0020000
  109. 2bc8.3090: 0000000000d02000-0000000000d4ffff 0x0001/0x0000 0x0000000
  110. 2bc8.3090: *0000000000d50000-0000000000d54fff 0x0004/0x0004 0x0020000
  111. 2bc8.3090: 0000000000d55000-0000000000e4ffff 0x0000/0x0004 0x0020000
  112. 2bc8.3090: *0000000000e50000-0000000000e6cfff 0x0004/0x0004 0x0020000
  113. 2bc8.3090: 0000000000e6d000-0000000000f4ffff 0x0000/0x0004 0x0020000
  114. 2bc8.3090: 0000000000f50000-000000000102ffff 0x0001/0x0000 0x0000000
  115. 2bc8.3090: *0000000001030000-000000000103efff 0x0004/0x0004 0x0020000
  116. 2bc8.3090: 000000000103f000-000000000103ffff 0x0000/0x0004 0x0020000
  117. 2bc8.3090: *0000000001040000-0000000001042fff 0x0000/0x0004 0x0020000
  118. 2bc8.3090: 0000000001043000-0000000001233fff 0x0004/0x0004 0x0020000
  119. 2bc8.3090: 0000000001234000-0000000001234fff 0x0000/0x0004 0x0020000
  120. 2bc8.3090: 0000000001235000-000000007ffdffff 0x0001/0x0000 0x0000000
  121. 2bc8.3090: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
  122. 2bc8.3090: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
  123. 2bc8.3090: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
  124. 2bc8.3090: 000000007ffea000-00007ff4f6fbffff 0x0001/0x0000 0x0000000
  125. 2bc8.3090: *00007ff4f6fc0000-00007ff4f6fc4fff 0x0002/0x0002 0x0040000
  126. 2bc8.3090: 00007ff4f6fc5000-00007ff4f70bffff 0x0000/0x0002 0x0040000
  127. 2bc8.3090: *00007ff4f70c0000-00007ff5f70dffff 0x0000/0x0004 0x0020000
  128. 2bc8.3090: *00007ff5f70e0000-00007ff5f90dffff 0x0000/0x0004 0x0020000
  129. 2bc8.3090: 00007ff5f90e0000-00007ff5f90e0fff 0x0004/0x0004 0x0020000
  130. 2bc8.3090: 00007ff5f90e1000-00007ff5f90effff 0x0001/0x0000 0x0000000
  131. 2bc8.3090: *00007ff5f90f0000-00007ff5f90f0fff 0x0002/0x0002 0x0040000
  132. 2bc8.3090: 00007ff5f90f1000-00007ff5f90fffff 0x0001/0x0000 0x0000000
  133. 2bc8.3090: *00007ff5f9100000-00007ff5f9122fff 0x0002/0x0002 0x0040000
  134. 2bc8.3090: 00007ff5f9123000-00007ff613c0ffff 0x0001/0x0000 0x0000000
  135. 2bc8.3090: *00007ff613c10000-00007ff613c10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  136. 2bc8.3090: 00007ff613c11000-00007ff613c85fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  137. 2bc8.3090: 00007ff613c86000-00007ff613c86fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  138. 2bc8.3090: 00007ff613c87000-00007ff613ccefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  139. 2bc8.3090: 00007ff613ccf000-00007ff613cd1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  140. 2bc8.3090: 00007ff613cd2000-00007ff613cd4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  141. 2bc8.3090: 00007ff613cd5000-00007ff613cd7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  142. 2bc8.3090: 00007ff613cd8000-00007ff613cd8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  143. 2bc8.3090: 00007ff613cd9000-00007ff613cdafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  144. 2bc8.3090: 00007ff613cdb000-00007ff613cdbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  145. 2bc8.3090: 00007ff613cdc000-00007ff613d24fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  146. 2bc8.3090: 00007ff613d25000-00007ffbe2e9ffff 0x0001/0x0000 0x0000000
  147. 2bc8.3090: *00007ffbe2ea0000-00007ffbe2ea0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\KernelBase.dll
  148. 2bc8.3090: 00007ffbe2ea1000-00007ffbe2fa5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\KernelBase.dll
  149. 2bc8.3090: 00007ffbe2fa6000-00007ffbe3107fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\KernelBase.dll
  150. 2bc8.3090: 00007ffbe3108000-00007ffbe310bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\KernelBase.dll
  151. 2bc8.3090: 00007ffbe310c000-00007ffbe310cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\KernelBase.dll
  152. 2bc8.3090: 00007ffbe310d000-00007ffbe3142fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\KernelBase.dll
  153. 2bc8.3090: 00007ffbe3143000-00007ffbe4a2ffff 0x0001/0x0000 0x0000000
  154. 2bc8.3090: *00007ffbe4a30000-00007ffbe4a30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  155. 2bc8.3090: 00007ffbe4a31000-00007ffbe4aa5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  156. 2bc8.3090: 00007ffbe4aa6000-00007ffbe4ad7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  157. 2bc8.3090: 00007ffbe4ad8000-00007ffbe4ad8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  158. 2bc8.3090: 00007ffbe4ad9000-00007ffbe4ad9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  159. 2bc8.3090: 00007ffbe4ada000-00007ffbe4ae1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  160. 2bc8.3090: 00007ffbe4ae2000-00007ffbe537ffff 0x0001/0x0000 0x0000000
  161. 2bc8.3090: *00007ffbe5380000-00007ffbe5380fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  162. 2bc8.3090: 00007ffbe5381000-00007ffbe5497fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  163. 2bc8.3090: 00007ffbe5498000-00007ffbe54defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  164. 2bc8.3090: 00007ffbe54df000-00007ffbe54dffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  165. 2bc8.3090: 00007ffbe54e0000-00007ffbe54e1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  166. 2bc8.3090: 00007ffbe54e2000-00007ffbe54eafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  167. 2bc8.3090: 00007ffbe54eb000-00007ffbe556ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  168. 2bc8.3090: 00007ffbe5570000-00007ffffffeffff 0x0001/0x0000 0x0000000
  169. 2bc8.3090: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
  170. 2bc8.3090: kernelbase.dll: timestamp 0xfba22159 (rc=VINF_SUCCESS)
  171. 2bc8.3090: VirtualBoxVM.exe: timestamp 0x5d9f7c37 (rc=VINF_SUCCESS)
  172. 2bc8.3090: '\Device\HarddiskVolume5\VirtualBoxVM.exe' has no imports
  173. 2bc8.3090: '\Device\HarddiskVolume5\Windows\System32\ntdll.dll' has no imports
  174. 2bc8.3090: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
  175. 2bc8.3090: '\Device\HarddiskVolume5\VirtualBoxVM.exe' has no imports
  176. 2bc8.3090: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume5\VirtualBoxVM.exe)
  177. 2bc8.3090: supR3HardNtEnableThreadCreationEx:
  178. 2bc8.3090: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbe53f17f0 pvNtTerminateThread=00007ffbe541cb10
  179. 2bc8.3090: supR3HardenedWinDoReSpawn(1): New child 20a0.15dc [kernel32].
  180. 2bc8.3090: supR3HardNtChildGatherData: PebBaseAddress=00000000011a4000 cbPeb=0x388
  181. 2bc8.3090: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffbe5380000 uNtDllChildAddr=00007ffbe5380000
  182. 2bc8.3090: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffbe53f17f0
  183. 2bc8.3090: supR3HardenedWinSetupChildInit: Start child.
  184. 2bc8.3090: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
  185. 2bc8.3090: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 27 sleeps
  186. 2bc8.3090: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
  187. 2bc8.3090: *0000000000000000-0000000000eaffff 0x0001/0x0000 0x0000000
  188. 2bc8.3090: *0000000000eb0000-0000000000ecffff 0x0004/0x0004 0x0020000
  189. 2bc8.3090: *0000000000ed0000-0000000000eeafff 0x0002/0x0002 0x0040000
  190. 2bc8.3090: 0000000000eeb000-0000000000eeffff 0x0001/0x0000 0x0000000
  191. 2bc8.3090: *0000000000ef0000-0000000000feafff 0x0000/0x0004 0x0020000
  192. 2bc8.3090: 0000000000feb000-0000000000fedfff 0x0104/0x0004 0x0020000
  193. 2bc8.3090: 0000000000fee000-0000000000feffff 0x0004/0x0004 0x0020000
  194. 2bc8.3090: *0000000000ff0000-0000000000ff3fff 0x0002/0x0002 0x0040000
  195. 2bc8.3090: 0000000000ff4000-0000000000ffffff 0x0001/0x0000 0x0000000
  196. 2bc8.3090: *0000000001000000-00000000011a3fff 0x0000/0x0004 0x0020000
  197. 2bc8.3090: 00000000011a4000-00000000011a6fff 0x0004/0x0004 0x0020000
  198. 2bc8.3090: 00000000011a7000-00000000011fffff 0x0000/0x0004 0x0020000
  199. 2bc8.3090: *0000000001200000-0000000001201fff 0x0004/0x0004 0x0020000
  200. 2bc8.3090: 0000000001202000-000000007ffdffff 0x0001/0x0000 0x0000000
  201. 2bc8.3090: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
  202. 2bc8.3090: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
  203. 2bc8.3090: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
  204. 2bc8.3090: 000000007ffea000-00007ff56710ffff 0x0001/0x0000 0x0000000
  205. 2bc8.3090: *00007ff567110000-00007ff567110fff 0x0002/0x0002 0x0040000
  206. 2bc8.3090: 00007ff567111000-00007ff56711ffff 0x0001/0x0000 0x0000000
  207. 2bc8.3090: *00007ff567120000-00007ff567142fff 0x0002/0x0002 0x0040000
  208. 2bc8.3090: 00007ff567143000-00007ff613c0ffff 0x0001/0x0000 0x0000000
  209. 2bc8.3090: *00007ff613c10000-00007ff613c10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  210. 2bc8.3090: 00007ff613c11000-00007ff613c85fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  211. 2bc8.3090: 00007ff613c86000-00007ff613c86fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  212. 2bc8.3090: 00007ff613c87000-00007ff613ccefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  213. 2bc8.3090: 00007ff613ccf000-00007ff613ccffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  214. 2bc8.3090: 00007ff613cd0000-00007ff613cd0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  215. 2bc8.3090: 00007ff613cd1000-00007ff613cd5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  216. 2bc8.3090: 00007ff613cd6000-00007ff613cd6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  217. 2bc8.3090: 00007ff613cd7000-00007ff613cd7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  218. 2bc8.3090: 00007ff613cd8000-00007ff613cdbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  219. 2bc8.3090: 00007ff613cdc000-00007ff613d24fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\VirtualBoxVM.exe
  220. 2bc8.3090: 00007ff613d25000-00007ffbe537ffff 0x0001/0x0000 0x0000000
  221. 2bc8.3090: *00007ffbe5380000-00007ffbe5380fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  222. 2bc8.3090: 00007ffbe5381000-00007ffbe5497fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  223. 2bc8.3090: 00007ffbe5498000-00007ffbe54defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  224. 2bc8.3090: 00007ffbe54df000-00007ffbe54eafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  225. 2bc8.3090: 00007ffbe54eb000-00007ffbe54f9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  226. 2bc8.3090: 00007ffbe54fa000-00007ffbe54fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  227. 2bc8.3090: 00007ffbe54fb000-00007ffbe54fdfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  228. 2bc8.3090: 00007ffbe54fe000-00007ffbe556ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume5\Windows\System32\ntdll.dll
  229. 2bc8.3090: 00007ffbe5570000-00007ffffffeffff 0x0001/0x0000 0x0000000
  230. 2bc8.3090: supR3HardNtChildPurify: Done after 265 ms and 0 fixes (loop #0).
  231. 20a0.15dc: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
  232. 20a0.15dc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffbe5380000 g_uNtVerCombined=0xa047ba00
  233. 20a0.15dc: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
  234. 20a0.15dc: New simple heap: #1 0000000001310000 LB 0x400000 (for 2031616 allocation)
  235. 2bc8.3090: supR3HardNtEnableThreadCreationEx:
  236. 20a0.15dc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume5'
  237. 20a0.15dc: System32: \Device\HarddiskVolume5\Windows\System32
  238. 20a0.15dc: WinSxS: \Device\HarddiskVolume5\Windows\WinSxS
  239. 20a0.15dc: KnownDllPath: C:\WINDOWS\System32
  240. 20a0.15dc: supR3HardenedVmProcessInit: Opening vboxdrv stub...
  241. 20a0.15dc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
  242. 20a0.15dc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
  243. 20a0.15dc: Registered Dll notification callback with NTDLL.
  244. 20a0.15dc: supHardenedWinVerifyImageByHandle: -> -5659 (\Device\HarddiskVolume5\Windows\System32\kernel32.dll)
  245. 20a0.15dc: Error (rc=0):
  246. 20a0.15dc: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5659 (0xffffe9e5) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume5\Windows\System32\kernel32.dll: Not valid kernel code signature.: \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  247. 20a0.15dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume5\Windows\System32\kernel32.dll
  248. 20a0.15dc: Error (rc=0):
  249. 20a0.15dc: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\WINDOWS\System32\KERNEL32.DLL': rcNt=0xc0000190
  250. 20a0.15dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\WINDOWS\System32\KERNEL32.DLL'
  251. 2bc8.3090: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000190 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 65 ms, CloseEvents);