API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 19th, 2014
330
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.41 KB | None | 0 0
raw download clone embed print report
  1. 8ac.fdc: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000018 g_uNtVerCombined=0x611db110
  2. 8ac.fdc: Calling main()
  3. 8ac.fdc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
  4. 8ac.fdc: SUPR3HardenedMain: Respawn #1
  5. 8ac.fdc: System32: \Device\HarddiskVolume2\Windows\System32
  6. 8ac.fdc: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
  7. 8ac.fdc: ProgDir: \Device\HarddiskVolume2\Program Files
  8. 8ac.fdc: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
  9. 8ac.fdc: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
  10. 8ac.fdc: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
  11. 8ac.fdc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
  12. 8ac.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
  13. 8ac.fdc: supR3HardNtEnableThreadCreation:
  14. 8ac.fdc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077b8c320 pvNtTerminateThread=0000000077bb1840
  15. 8ac.fdc: supR3HardenedWinDoReSpawn(1): New child 12e8.d8 [kernel32].
  16. 8ac.fdc: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffdf000 cbPeb=0x380
  17. 8ac.fdc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077b60000 uNtDllChildAddr=0000000077b60000
  18. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=0000000077b8c320 uNtTerminateThread=0000000077bb1840
  19. 8ac.fdc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077b8c320 pvNtTerminateThread=0000000077bb1840
  20. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
  21. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 00000000001d0000 LB 0x1a9000
  22. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
  23. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 00000000775e0000 LB 0x11f000
  24. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
  25. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefe220000 LB 0x6b000
  26. 8ac.fdc: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 31 ms
  27. 8ac.fdc: supR3HardNtEnableThreadCreation:
  28. 8ac.fdc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
  29. 8ac.fdc: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
  30. 8ac.fdc: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
  31. 8ac.fdc: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
  32. 8ac.fdc: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
  33. 8ac.fdc: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
  34. 8ac.fdc: 0000000000041000-fffffffffffb1fff 0x0001/0x0000 0x0000000
  35. 8ac.fdc: *00000000000d0000-fffffffffffd3fff 0x0000/0x0004 0x0020000
  36. 8ac.fdc: 00000000001cc000-00000000001c8fff 0x0104/0x0004 0x0020000
  37. 8ac.fdc: 00000000001cf000-00000000001cdfff 0x0004/0x0004 0x0020000
  38. 8ac.fdc: 00000000001d0000-fffffffffff1ffff 0x0001/0x0000 0x0000000
  39. 8ac.fdc: *0000000000480000-000000000047efff 0x0040/0x0040 0x0020000 !!
  40. 8ac.fdc: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000000480000 (0000000000480000 LB 0x1000)
  41. 8ac.fdc: 0000000000481000-ffffffff88da1fff 0x0001/0x0000 0x0000000
  42. 8ac.fdc: *0000000077b60000-0000000077b5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
  43. 8ac.fdc: 0000000077b61000-0000000077a5efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
  44. 8ac.fdc: 0000000077c63000-0000000077c33fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
  45. 8ac.fdc: 0000000077c92000-0000000077c85fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
  46. 8ac.fdc: 0000000077c9e000-0000000077c32fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
  47. 8ac.fdc: 0000000077d09000-0000000070a31fff 0x0001/0x0000 0x0000000
  48. 8ac.fdc: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
  49. 8ac.fdc: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
  50. 8ac.fdc: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
  51. 8ac.fdc: 000000007fff0000-000000007ffcffff 0x0001/0x0000 0x0000000
  52. 8ac.fdc: *0000000080010000-000000008000efff 0x0040/0x0040 0x0020000 !!
  53. 8ac.fdc: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000080010000 (0000000080010000 LB 0x1000)
  54. 8ac.fdc: 0000000080011000-ffffffffc0ba1fff 0x0001/0x0000 0x0000000
  55. 8ac.fdc: *000000013f480000-000000013f47efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
  56. 8ac.fdc: 000000013f481000-000000013f401fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
  57. 8ac.fdc: 000000013f500000-000000013f4fefff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
  58. 8ac.fdc: 000000013f501000-000000013f4c9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
  59. 8ac.fdc: 000000013f538000-000000013f52efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
  60. 8ac.fdc: 000000013f541000-000000013f507fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
  61. 8ac.fdc: 000000013f57a000-00000000feaf3fff 0x0001/0x0000 0x0000000
  62. 8ac.fdc: *0000000180000000-000000017fffefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\DeviceLock Agent\DeviceLockDllDrvUserModePart64.dll
  63. 8ac.fdc: supHardNtVpScanVirtualMemory: Unmapping image mem at 0000000180000000 (0000000180000000 LB 0x1000) - '²´'
  64. 8ac.fdc: 0000000180001000-000000017fff1fff 0x0001/0x0000 0x0000000
  65. 8ac.fdc: *0000000180010000-000000018000efff 0x0040/0x0040 0x0020000 !!
  66. 8ac.fdc: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000180010000 (0000000180010000 LB 0x1000)
  67. 8ac.fdc: 0000000180011000-fffff804001a1fff 0x0001/0x0000 0x0000000
  68. 8ac.fdc: *000007feffe80000-000007feffe7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
  69. 8ac.fdc: 000007feffe81000-000007fdffd51fff 0x0001/0x0000 0x0000000
  70. 8ac.fdc: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
  71. 8ac.fdc: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
  72. 8ac.fdc: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
  73. 8ac.fdc: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
  74. 8ac.fdc: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
  75. 8ac.fdc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
  76. 8ac.fdc: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
  77. 8ac.fdc: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
  78. 8ac.fdc: ntdll.dll: Differences in section #1 (.text) between file and memory:
  79. 8ac.fdc: 0000000077b785f0 / 0x00185f0: 48 != e9
  80. 8ac.fdc: 0000000077b785f1 / 0x00185f1: 89 != f5
  81. 8ac.fdc: 0000000077b785f2 / 0x00185f2: 54 != 7d
  82. 8ac.fdc: 0000000077b785f3 / 0x00185f3: 24 != 90
  83. 8ac.fdc: 0000000077b785f4 / 0x00185f4: 10 != 88
  84. 8ac.fdc: Restored 0x2000 bytes of original file content at 0000000077b77000
  85. 8ac.fdc: ntdll.dll: Differences in section #1 (.text) between file and memory:
  86. 8ac.fdc: 0000000077b79560 / 0x0019560: ff != e9
  87. 8ac.fdc: 0000000077b79561 / 0x0019561: f5 != 68
  88. 8ac.fdc: 0000000077b79562 / 0x0019562: 41 != 6d
  89. 8ac.fdc: 0000000077b79563 / 0x0019563: 54 != 90
  90. 8ac.fdc: 0000000077b79564 / 0x0019564: 41 != 88
  91. 8ac.fdc: 0000000077b79565 / 0x0019565: 55 != 90
  92. 8ac.fdc: Restored 0x2000 bytes of original file content at 0000000077b79000
  93. 8ac.fdc: ntdll.dll: Differences in section #1 (.text) between file and memory:
  94. 8ac.fdc: 0000000077bb1252 / 0x0051252: 48 != e9
  95. 8ac.fdc: 0000000077bb1253 / 0x0051253: 85 != 20
  96. 8ac.fdc: 0000000077bb1254 / 0x0051254: c0 != f2
  97. 8ac.fdc: 0000000077bb1255 / 0x0051255: 74 != 8c
  98. 8ac.fdc: 0000000077bb1256 / 0x0051256: 0f != 88
  99. 8ac.fdc: 0000000077bb1590 / 0x0051590: 4c != e9
  100. 8ac.fdc: 0000000077bb1591 / 0x0051591: 8b != f8
  101. 8ac.fdc: 0000000077bb1592 / 0x0051592: d1 != ea
  102. 8ac.fdc: 0000000077bb1593 / 0x0051593: b8 != 8c
  103. 8ac.fdc: 0000000077bb1594 / 0x0051594: 25 != 88
  104. 8ac.fdc: 0000000077bb1595 / 0x0051595: 00 != 90
  105. 8ac.fdc: 0000000077bb1596 / 0x0051596: 00 != 90
  106. 8ac.fdc: 0000000077bb1597 / 0x0051597: 00 != 90
  107. 8ac.fdc: 0000000077bb15b0 / 0x00515b0: 4c != e9
  108. 8ac.fdc: 0000000077bb15b1 / 0x00515b1: 8b != 88
  109. 8ac.fdc: 0000000077bb15b2 / 0x00515b2: d1 != ec
  110. 8ac.fdc: 0000000077bb15b3 / 0x00515b3: b8 != 8c
  111. 8ac.fdc: 0000000077bb15b4 / 0x00515b4: 27 != 88
  112. 8ac.fdc: 0000000077bb15b5 / 0x00515b5: 00 != 90
  113. 8ac.fdc: 0000000077bb15b6 / 0x00515b6: 00 != 90
  114. 8ac.fdc: 0000000077bb15b7 / 0x00515b7: 00 != 90
  115. 8ac.fdc: 0000000077bb16b0 / 0x00516b0: 4c != e9
  116. 8ac.fdc: 0000000077bb16b1 / 0x00516b1: 8b != f8
  117. 8ac.fdc: 0000000077bb16b2 / 0x00516b2: d1 != ea
  118. 8ac.fdc: 0000000077bb16b3 / 0x00516b3: b8 != 8c
  119. 8ac.fdc: 0000000077bb16b4 / 0x00516b4: 37 != 88
  120. 8ac.fdc: 0000000077bb16b5 / 0x00516b5: 00 != 90
  121. 8ac.fdc: 0000000077bb16b6 / 0x00516b6: 00 != 90
  122. 8ac.fdc: 0000000077bb16b7 / 0x00516b7: 00 != 90
  123. 8ac.fdc: 0000000077bb1810 / 0x0051810: 4c != e9
  124. 8ac.fdc: 0000000077bb1811 / 0x0051811: 8b != 08
  125. 8ac.fdc: 0000000077bb1812 / 0x0051812: d1 != e9
  126. 8ac.fdc: 0000000077bb1813 / 0x0051813: b8 != 8c
  127. 8ac.fdc: 0000000077bb1814 / 0x0051814: 4d != 88
  128. 8ac.fdc: 0000000077bb1815 / 0x0051815: 00 != 90
  129. 8ac.fdc: 0000000077bb1816 / 0x0051816: 00 != 90
  130. 8ac.fdc: 0000000077bb1817 / 0x0051817: 00 != 90
  131. 8ac.fdc: 0000000077bb2100 / 0x0052100: 4c != e9
  132. 8ac.fdc: 0000000077bb2101 / 0x0052101: 8b != ff
  133. 8ac.fdc: 0000000077bb2102 / 0x0052102: d1 != e3
  134. 8ac.fdc: 0000000077bb2103 / 0x0052103: b8 != 8c
  135. 8ac.fdc: 0000000077bb2104 / 0x0052104: dc != 88
  136. 8ac.fdc: 0000000077bb2105 / 0x0052105: 00 != 90
  137. 8ac.fdc: 0000000077bb2106 / 0x0052106: 00 != 90
  138. 8ac.fdc: 0000000077bb2107 / 0x0052107: 00 != 90
  139. 8ac.fdc: Restored 0x2000 bytes of original file content at 0000000077bb1000
  140. 8ac.fdc: ntdll.dll: Differences in section #1 (.text) between file and memory:
  141. 8ac.fdc: 0000000077c2e020 / 0x00ce020: 48 != e9
  142. 8ac.fdc: 0000000077c2e021 / 0x00ce021: 81 != 36
  143. 8ac.fdc: 0000000077c2e022 / 0x00ce022: ec != 23
  144. 8ac.fdc: 0000000077c2e023 / 0x00ce023: 08 != 85
  145. 8ac.fdc: 0000000077c2e024 / 0x00ce024: 05 != 88
  146. 8ac.fdc: 0000000077c2e025 / 0x00ce025: 00 != 90
  147. 8ac.fdc: 0000000077c2e026 / 0x00ce026: 00 != 90
  148. 8ac.fdc: Restored 0x2000 bytes of original file content at 0000000077c2d000
  149. 8ac.fdc: supR3HardenedWinDoReSpawn(1): Quitting: ExitCode=0xc0000005 rcNt=0x0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!