Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 4fd0.56f8: \SystemRoot\System32\ntdll.dll:
- 4fd0.56f8: CreationTime: 2025-02-12T11:23:16.262051600Z
- 4fd0.56f8: LastWriteTime: 2025-02-12T11:23:16.331051300Z
- 4fd0.56f8: ChangeTime: 2025-03-13T00:26:13.408161800Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x1ef630
- 4fd0.56f8: NT Headers: 0xe8
- 4fd0.56f8: Timestamp: 0xab0dece3
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0xab0dece3
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x1f8000 (2064384)
- 4fd0.56f8: Resource Dir: 0x186000 LB 0x70508
- 4fd0.56f8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x1860f0 LB 0x380, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Microsoft® Windows® Operating System
- 4fd0.56f8: ProductVersion: 10.0.19041.5438
- 4fd0.56f8: FileVersion: 10.0.19041.5438 (WinBuild.160101.0800)
- 4fd0.56f8: FileDescription: NT Layer DLL
- 4fd0.56f8: \SystemRoot\System32\kernel32.dll:
- 4fd0.56f8: CreationTime: 2025-02-12T11:23:22.993793800Z
- 4fd0.56f8: LastWriteTime: 2025-02-12T11:23:23.025791400Z
- 4fd0.56f8: ChangeTime: 2025-03-13T00:26:13.202887600Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0xbf580
- 4fd0.56f8: NT Headers: 0xf8
- 4fd0.56f8: Timestamp: 0x5c4539f7
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x5c4539f7
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0xc2000 (794624)
- 4fd0.56f8: Resource Dir: 0xc0000 LB 0x520
- 4fd0.56f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0xc00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Microsoft® Windows® Operating System
- 4fd0.56f8: ProductVersion: 10.0.19041.5438
- 4fd0.56f8: FileVersion: 10.0.19041.5438 (WinBuild.160101.0800)
- 4fd0.56f8: FileDescription: Windows NT BASE API Client DLL
- 4fd0.56f8: \SystemRoot\System32\KernelBase.dll:
- 4fd0.56f8: CreationTime: 2025-03-12T14:01:29.261834800Z
- 4fd0.56f8: LastWriteTime: 2025-03-12T14:01:29.432837400Z
- 4fd0.56f8: ChangeTime: 2025-03-13T00:26:13.361144700Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x2ffbc8
- 4fd0.56f8: NT Headers: 0x100
- 4fd0.56f8: Timestamp: 0x18768d24
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x18768d24
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x2ff000 (3141632)
- 4fd0.56f8: Resource Dir: 0x2d5000 LB 0x548
- 4fd0.56f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x2d50b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Microsoft® Windows® Operating System
- 4fd0.56f8: ProductVersion: 10.0.19041.5607
- 4fd0.56f8: FileVersion: 10.0.19041.5607 (WinBuild.160101.0800)
- 4fd0.56f8: FileDescription: Windows NT BASE API Client DLL
- 4fd0.56f8: \SystemRoot\System32\apisetschema.dll:
- 4fd0.56f8: CreationTime: 2024-02-14T14:37:28.741454000Z
- 4fd0.56f8: LastWriteTime: 2024-02-14T14:37:28.744454900Z
- 4fd0.56f8: ChangeTime: 2025-03-12T14:02:29.664325300Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x1f970
- 4fd0.56f8: NT Headers: 0xd0
- 4fd0.56f8: Timestamp: 0x818769b5
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x818769b5
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x20000 (131072)
- 4fd0.56f8: Resource Dir: 0x1f000 LB 0x408
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Microsoft® Windows® Operating System
- 4fd0.56f8: ProductVersion: 10.0.19041.3996
- 4fd0.56f8: FileVersion: 10.0.19041.3996 (WinBuild.160101.0800)
- 4fd0.56f8: FileDescription: ApiSet Schema DLL
- 4fd0.56f8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
- 4fd0.56f8: supR3HardenedWinFindAdversaries: 0x4
- 4fd0.56f8: \SystemRoot\System32\drivers\aswMonFlt.sys:
- 4fd0.56f8: CreationTime: 2020-08-07T19:51:55.032153500Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:46.710356000Z
- 4fd0.56f8: ChangeTime: 2025-03-21T12:31:50.684118700Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x44058
- 4fd0.56f8: NT Headers: 0xf0
- 4fd0.56f8: Timestamp: 0x67bdc4d6
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4d6
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x4a000 (303104)
- 4fd0.56f8: Resource Dir: 0x48000 LB 0x3b0
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x48058 LB 0x358, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen File System Filter
- 4fd0.56f8: \SystemRoot\System32\drivers\aswRdr2.sys:
- 4fd0.56f8: CreationTime: 2018-05-16T00:25:18.848905300Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:44.273366900Z
- 4fd0.56f8: ChangeTime: 2025-03-21T12:31:50.675118700Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x18260
- 4fd0.56f8: NT Headers: 0xe8
- 4fd0.56f8: Timestamp: 0x67bdc4d4
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4d4
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x1c000 (114688)
- 4fd0.56f8: Resource Dir: 0x1a000 LB 0x398
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x1a058 LB 0x33c, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen Antivirus
- 4fd0.56f8: \SystemRoot\System32\drivers\aswRvrt.sys:
- 4fd0.56f8: CreationTime: 2018-05-16T00:25:18.848905300Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:44.322355800Z
- 4fd0.56f8: ChangeTime: 2025-03-21T12:31:50.708117600Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x11060
- 4fd0.56f8: NT Headers: 0xe8
- 4fd0.56f8: Timestamp: 0x67bdc4d4
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4d4
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x13000 (77824)
- 4fd0.56f8: Resource Dir: 0x11000 LB 0x390
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x11058 LB 0x338, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen Revert
- 4fd0.56f8: \SystemRoot\System32\drivers\aswSnx.sys:
- 4fd0.56f8: CreationTime: 2018-05-16T00:25:18.848905300Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:38.772358000Z
- 4fd0.56f8: ChangeTime: 2025-03-21T12:31:50.606117300Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0xea258
- 4fd0.56f8: NT Headers: 0xf0
- 4fd0.56f8: Timestamp: 0x67bdc4d9
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4d9
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0xf0000 (983040)
- 4fd0.56f8: Resource Dir: 0xec000 LB 0x3b0
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0xec058 LB 0x354, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen Virtualization Driver
- 4fd0.56f8: \SystemRoot\System32\drivers\aswsp.sys:
- 4fd0.56f8: CreationTime: 2018-05-16T00:25:18.848905300Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:44.319368100Z
- 4fd0.56f8: ChangeTime: 2025-03-21T12:31:50.697117900Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x15c860
- 4fd0.56f8: NT Headers: 0xf0
- 4fd0.56f8: Timestamp: 0x67bdc4de
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4de
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x162000 (1449984)
- 4fd0.56f8: Resource Dir: 0x160000 LB 0x398
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x160058 LB 0x340, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen Self Protection
- 4fd0.56f8: \SystemRoot\System32\drivers\aswStm.sys:
- 4fd0.56f8: CreationTime: 2025-03-21T12:31:50.726118300Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:45.607439100Z
- 4fd0.56f8: ChangeTime: 2025-03-22T09:28:45.127780600Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x32a60
- 4fd0.56f8: NT Headers: 0xf8
- 4fd0.56f8: Timestamp: 0x67bdc4d6
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4d6
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x37000 (225280)
- 4fd0.56f8: Resource Dir: 0x35000 LB 0x3a0
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x35058 LB 0x344, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen Stream Filter
- 4fd0.56f8: \SystemRoot\System32\drivers\aswVmm.sys:
- 4fd0.56f8: CreationTime: 2018-05-16T00:25:18.864532700Z
- 4fd0.56f8: LastWriteTime: 2025-03-21T12:31:46.729356200Z
- 4fd0.56f8: ChangeTime: 2025-03-21T12:31:50.740118700Z
- 4fd0.56f8: FileAttributes: 0x20
- 4fd0.56f8: Size: 0x5f258
- 4fd0.56f8: NT Headers: 0xf8
- 4fd0.56f8: Timestamp: 0x67bdc4d6
- 4fd0.56f8: Machine: 0x8664 - amd64
- 4fd0.56f8: Timestamp: 0x67bdc4d6
- 4fd0.56f8: Image Version: 10.0
- 4fd0.56f8: SizeOfImage: 0x61000 (397312)
- 4fd0.56f8: Resource Dir: 0x5f000 LB 0x398
- 4fd0.56f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
- 4fd0.56f8: [Raw version resource data: 0x5f058 LB 0x340, codepage 0x0 (reserved 0x0)]
- 4fd0.56f8: ProductName: Antivirus
- 4fd0.56f8: ProductVersion: 25.2.825.0
- 4fd0.56f8: FileVersion: 25.2.825.0
- 4fd0.56f8: FileDescription: Gen VM Monitor
- 4fd0.56f8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
- 4fd0.56f8: Calling main()
- 4fd0.56f8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
- 4fd0.56f8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
- 4fd0.56f8: SUPR3HardenedMain: Respawn #1
- 4fd0.56f8: System32: \Device\HarddiskVolume4\Windows\System32
- 4fd0.56f8: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
- 4fd0.56f8: KnownDllPath: C:\WINDOWS\System32
- 4fd0.56f8: supR3HardenedWinInit: Performing a limited self purification...
- 4fd0.56f8: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
- 4fd0.56f8: *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
- 4fd0.56f8: 000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
- 4fd0.56f8: 000000007ffef000-0000000aa80cffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000000aa80d0000-0000000aa8180fff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000aa8181000-0000000aa8183fff 0x0104/0x0004 0x0020000
- 4fd0.56f8: 0000000aa8184000-0000000aa81cffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000000aa81d0000-0000000aa81fffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000000aa8200000-0000000aa8374fff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000aa8375000-0000000aa8377fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000000aa8378000-0000000aa83fffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000aa8400000-0000011fcbfeffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcbff0000-0000011fcbffffff 0x0004/0x0004 0x0040000
- 4fd0.56f8: *0000011fcc000000-0000011fcc001fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc002000-0000011fcc00ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc010000-0000011fcc02cfff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc02d000-0000011fcc02ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc030000-0000011fcc030fff 0x0020/0x0004 0x0020000 !!
- 4fd0.56f8: 0000011fcc031000-0000011fcc03ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc040000-0000011fcc041fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc042000-0000011fcc04ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc050000-0000011fcc053fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc054000-0000011fcc05ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc060000-0000011fcc060fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc061000-0000011fcc06ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc070000-0000011fcc071fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc072000-0000011fcc07ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc080000-0000011fcc148fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc149000-0000011fcc14ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc150000-0000011fcc150fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000011fcc151000-0000011fcc1bffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc1c0000-0000011fcc1c6fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc1c7000-0000011fcc2bffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: *0000011fcc2c0000-0000011fcc2c1fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc2c2000-0000011fcc321fff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc322000-0000011fcc3effff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc3f0000-0000011fcc3fefff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc3ff000-0000011fcc3fffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: *0000011fcc400000-0000011fcc40efff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc40f000-0000011fcc607fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc608000-0000011fcc608fff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc609000-0000011fcc60ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000011fcc610000-0000011fcc640fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc641000-0000011fcc70ffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000011fcc710000-00007df4eaa0ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df4eaa10000-00007df4eaa14fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df4eaa15000-00007df4eab0ffff 0x0000/0x0002 0x0040000
- 4fd0.56f8: *00007df4eab10000-00007df5eab2ffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: *00007df5eab30000-00007df5ecb2ffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 00007df5ecb30000-00007df5ecb30fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 00007df5ecb31000-00007df5ecb3ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5ecb40000-00007df5ecb40fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df5ecb41000-00007df5ecb4ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5ecb50000-00007df5ecb72fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df5ecb73000-00007df5ecb7ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5ecb80000-00007df5ee4b7fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007df5ee4b8000-00007df5ee692fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007df5ee693000-00007df5ee946fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007df5ee947000-00007df5ee947fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007df5ee948000-00007dfa6be7ffff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007dfa6be80000-00007dfa6be80fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007dfa6be81000-00007ff5c6f21fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5c6f22000-00007ff5c6f26fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5c6f27000-00007ff5e1824fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e1825000-00007ff5e34bdfff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e34be000-00007ff5e34befff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e34bf000-00007ff5e3884fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e3885000-00007ff5e3886fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e3887000-00007ff5e4421fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e4422000-00007ff5e442efff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e442f000-00007ff5e447dfff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e447e000-00007ff5e4481fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e4482000-00007ff5e44bbfff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e44bc000-00007ff5e44c4fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5e44c5000-00007ff5ecb7ffff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5ecb80000-00007ff68e88ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ff68e890000-00007ff68e890fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e891000-00007ff68e8fbfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e8fc000-00007ff68e8fcfff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e8fd000-00007ff68e951fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e952000-00007ff68e954fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e955000-00007ff68e957fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e958000-00007ff68e95dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e95e000-00007ff68e95efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e95f000-00007ff68e999fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e99a000-00007ffda4f7ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffda4f80000-00007ffda4f8ffff 0x0020/0x0040 0x0020000 !!
- 4fd0.56f8: 00007ffda4f90000-00007ffdb416ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffdb4170000-00007ffdb4170fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb4170000 LB 0x1000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb4171000-00007ffdb417dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb4171000 LB 0xd000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb417e000-00007ffdb4180fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb417e000 LB 0x3000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb4181000-00007ffdb4182fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb4181000 LB 0x2000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb4183000-00007ffdb4186fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb4183000 LB 0x4000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb4187000-00007ffdb4187fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb4187000 LB 0x1000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb4188000-00007ffdb4189fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll
- 4fd0.56f8: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffdb4188000 LB 0x2000 (base 00007ffdb4170000) - 'aswhook.dll'
- 4fd0.56f8: 00007ffdb418a000-00007ffde289ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffde28a0000-00007ffde28a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
- 4fd0.56f8: 00007ffde28a1000-00007ffde29dafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
- 4fd0.56f8: 00007ffde29db000-00007ffde2b5dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
- 4fd0.56f8: 00007ffde2b5e000-00007ffde2b62fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
- 4fd0.56f8: 00007ffde2b63000-00007ffde2b9efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
- 4fd0.56f8: 00007ffde2b9f000-00007ffde3f8ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffde3f90000-00007ffde3f90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
- 4fd0.56f8: 00007ffde3f91000-00007ffde4011fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
- 4fd0.56f8: 00007ffde4012000-00007ffde4046fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
- 4fd0.56f8: 00007ffde4047000-00007ffde4048fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
- 4fd0.56f8: 00007ffde4049000-00007ffde4051fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
- 4fd0.56f8: 00007ffde4052000-00007ffde4f0ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffde4f10000-00007ffde4f10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde4f11000-00007ffde502cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde502d000-00007ffde5075fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5076000-00007ffde5076fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5077000-00007ffde5078fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5079000-00007ffde5081fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5082000-00007ffde5107fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5108000-00007ffffffeffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: kernel32.dll: timestamp 0x5c4539f7 (rc=VINF_SUCCESS)
- 4fd0.56f8: kernelbase.dll: timestamp 0x18768d24 (rc=VINF_SUCCESS)
- 4fd0.56f8: VirtualBoxVM.exe: timestamp 0x678f9dd6 (rc=VINF_SUCCESS)
- 4fd0.56f8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
- 4fd0.56f8: VirtualBoxVM.exe: Differences in section #7 (.00cfg) between file and memory:
- 4fd0.56f8: 00007ff68e966000 / 0x00d6000: 00 != 60
- 4fd0.56f8: 00007ff68e966001 / 0x00d6001: e7 != cc
- 4fd0.56f8: 00007ff68e966002 / 0x00d6002: 8a != f9
- 4fd0.56f8: 00007ff68e966003 / 0x00d6003: 8e != e4
- 4fd0.56f8: 00007ff68e966004 / 0x00d6004: f6 != fd
- 4fd0.56f8: 00007ff68e966010 / 0x00d6010: f0 != 00
- 4fd0.56f8: 00007ff68e966011 / 0x00d6011: b4 != cd
- 4fd0.56f8: 00007ff68e966012 / 0x00d6012: 8f != f9
- 4fd0.56f8: 00007ff68e966013 / 0x00d6013: 8e != e4
- 4fd0.56f8: 00007ff68e966014 / 0x00d6014: f6 != fd
- 4fd0.56f8: Restored 0x28 bytes of original file content at 00007ff68e966000
- 4fd0.56f8: VirtualBoxVM.exe: Differences in section #8 (.rsrc) between file and memory:
- 4fd0.56f8: 00007ff68e997b28 / 0x0107b28: 00 != 50
- 4fd0.56f8: 00007ff68e997b29 / 0x0107b29: 00 != 41
- 4fd0.56f8: 00007ff68e997b2a / 0x0107b2a: 00 != 44
- 4fd0.56f8: 00007ff68e997b2b / 0x0107b2b: 00 != 44
- 4fd0.56f8: 00007ff68e997b2c / 0x0107b2c: 00 != 49
- 4fd0.56f8: 00007ff68e997b2d / 0x0107b2d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b2e / 0x0107b2e: 00 != 47
- 4fd0.56f8: 00007ff68e997b2f / 0x0107b2f: 00 != 58
- 4fd0.56f8: 00007ff68e997b30 / 0x0107b30: 00 != 58
- 4fd0.56f8: 00007ff68e997b31 / 0x0107b31: 00 != 50
- 4fd0.56f8: 00007ff68e997b32 / 0x0107b32: 00 != 41
- 4fd0.56f8: 00007ff68e997b33 / 0x0107b33: 00 != 44
- 4fd0.56f8: 00007ff68e997b34 / 0x0107b34: 00 != 44
- 4fd0.56f8: 00007ff68e997b35 / 0x0107b35: 00 != 49
- 4fd0.56f8: 00007ff68e997b36 / 0x0107b36: 00 != 4e
- 4fd0.56f8: 00007ff68e997b37 / 0x0107b37: 00 != 47
- 4fd0.56f8: 00007ff68e997b38 / 0x0107b38: 00 != 50
- 4fd0.56f8: 00007ff68e997b39 / 0x0107b39: 00 != 41
- 4fd0.56f8: 00007ff68e997b3a / 0x0107b3a: 00 != 44
- 4fd0.56f8: 00007ff68e997b3b / 0x0107b3b: 00 != 44
- 4fd0.56f8: 00007ff68e997b3c / 0x0107b3c: 00 != 49
- 4fd0.56f8: 00007ff68e997b3d / 0x0107b3d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b3e / 0x0107b3e: 00 != 47
- 4fd0.56f8: 00007ff68e997b3f / 0x0107b3f: 00 != 58
- 4fd0.56f8: 00007ff68e997b40 / 0x0107b40: 00 != 58
- 4fd0.56f8: 00007ff68e997b41 / 0x0107b41: 00 != 50
- 4fd0.56f8: 00007ff68e997b42 / 0x0107b42: 00 != 41
- 4fd0.56f8: 00007ff68e997b43 / 0x0107b43: 00 != 44
- 4fd0.56f8: 00007ff68e997b44 / 0x0107b44: 00 != 44
- 4fd0.56f8: 00007ff68e997b45 / 0x0107b45: 00 != 49
- 4fd0.56f8: 00007ff68e997b46 / 0x0107b46: 00 != 4e
- 4fd0.56f8: 00007ff68e997b47 / 0x0107b47: 00 != 47
- 4fd0.56f8: 00007ff68e997b48 / 0x0107b48: 00 != 50
- 4fd0.56f8: 00007ff68e997b49 / 0x0107b49: 00 != 41
- 4fd0.56f8: 00007ff68e997b4a / 0x0107b4a: 00 != 44
- 4fd0.56f8: 00007ff68e997b4b / 0x0107b4b: 00 != 44
- 4fd0.56f8: 00007ff68e997b4c / 0x0107b4c: 00 != 49
- 4fd0.56f8: 00007ff68e997b4d / 0x0107b4d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b4e / 0x0107b4e: 00 != 47
- 4fd0.56f8: 00007ff68e997b4f / 0x0107b4f: 00 != 58
- 4fd0.56f8: 00007ff68e997b50 / 0x0107b50: 00 != 58
- 4fd0.56f8: 00007ff68e997b51 / 0x0107b51: 00 != 50
- 4fd0.56f8: 00007ff68e997b52 / 0x0107b52: 00 != 41
- 4fd0.56f8: 00007ff68e997b53 / 0x0107b53: 00 != 44
- 4fd0.56f8: 00007ff68e997b54 / 0x0107b54: 00 != 44
- 4fd0.56f8: 00007ff68e997b55 / 0x0107b55: 00 != 49
- 4fd0.56f8: 00007ff68e997b56 / 0x0107b56: 00 != 4e
- 4fd0.56f8: 00007ff68e997b57 / 0x0107b57: 00 != 47
- 4fd0.56f8: 00007ff68e997b58 / 0x0107b58: 00 != 50
- 4fd0.56f8: 00007ff68e997b59 / 0x0107b59: 00 != 41
- 4fd0.56f8: 00007ff68e997b5a / 0x0107b5a: 00 != 44
- 4fd0.56f8: 00007ff68e997b5b / 0x0107b5b: 00 != 44
- 4fd0.56f8: 00007ff68e997b5c / 0x0107b5c: 00 != 49
- 4fd0.56f8: 00007ff68e997b5d / 0x0107b5d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b5e / 0x0107b5e: 00 != 47
- 4fd0.56f8: 00007ff68e997b5f / 0x0107b5f: 00 != 58
- 4fd0.56f8: 00007ff68e997b60 / 0x0107b60: 00 != 58
- 4fd0.56f8: 00007ff68e997b61 / 0x0107b61: 00 != 50
- 4fd0.56f8: 00007ff68e997b62 / 0x0107b62: 00 != 41
- 4fd0.56f8: 00007ff68e997b63 / 0x0107b63: 00 != 44
- 4fd0.56f8: 00007ff68e997b64 / 0x0107b64: 00 != 44
- 4fd0.56f8: 00007ff68e997b65 / 0x0107b65: 00 != 49
- 4fd0.56f8: 00007ff68e997b66 / 0x0107b66: 00 != 4e
- 4fd0.56f8: 00007ff68e997b67 / 0x0107b67: 00 != 47
- 4fd0.56f8: 00007ff68e997b68 / 0x0107b68: 00 != 50
- 4fd0.56f8: 00007ff68e997b69 / 0x0107b69: 00 != 41
- 4fd0.56f8: 00007ff68e997b6a / 0x0107b6a: 00 != 44
- 4fd0.56f8: 00007ff68e997b6b / 0x0107b6b: 00 != 44
- 4fd0.56f8: 00007ff68e997b6c / 0x0107b6c: 00 != 49
- 4fd0.56f8: 00007ff68e997b6d / 0x0107b6d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b6e / 0x0107b6e: 00 != 47
- 4fd0.56f8: 00007ff68e997b6f / 0x0107b6f: 00 != 58
- 4fd0.56f8: 00007ff68e997b70 / 0x0107b70: 00 != 58
- 4fd0.56f8: 00007ff68e997b71 / 0x0107b71: 00 != 50
- 4fd0.56f8: 00007ff68e997b72 / 0x0107b72: 00 != 41
- 4fd0.56f8: 00007ff68e997b73 / 0x0107b73: 00 != 44
- 4fd0.56f8: 00007ff68e997b74 / 0x0107b74: 00 != 44
- 4fd0.56f8: 00007ff68e997b75 / 0x0107b75: 00 != 49
- 4fd0.56f8: 00007ff68e997b76 / 0x0107b76: 00 != 4e
- 4fd0.56f8: 00007ff68e997b77 / 0x0107b77: 00 != 47
- 4fd0.56f8: 00007ff68e997b78 / 0x0107b78: 00 != 50
- 4fd0.56f8: 00007ff68e997b79 / 0x0107b79: 00 != 41
- 4fd0.56f8: 00007ff68e997b7a / 0x0107b7a: 00 != 44
- 4fd0.56f8: 00007ff68e997b7b / 0x0107b7b: 00 != 44
- 4fd0.56f8: 00007ff68e997b7c / 0x0107b7c: 00 != 49
- 4fd0.56f8: 00007ff68e997b7d / 0x0107b7d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b7e / 0x0107b7e: 00 != 47
- 4fd0.56f8: 00007ff68e997b7f / 0x0107b7f: 00 != 58
- 4fd0.56f8: 00007ff68e997b80 / 0x0107b80: 00 != 58
- 4fd0.56f8: 00007ff68e997b81 / 0x0107b81: 00 != 50
- 4fd0.56f8: 00007ff68e997b82 / 0x0107b82: 00 != 41
- 4fd0.56f8: 00007ff68e997b83 / 0x0107b83: 00 != 44
- 4fd0.56f8: 00007ff68e997b84 / 0x0107b84: 00 != 44
- 4fd0.56f8: 00007ff68e997b85 / 0x0107b85: 00 != 49
- 4fd0.56f8: 00007ff68e997b86 / 0x0107b86: 00 != 4e
- 4fd0.56f8: 00007ff68e997b87 / 0x0107b87: 00 != 47
- 4fd0.56f8: 00007ff68e997b88 / 0x0107b88: 00 != 50
- 4fd0.56f8: 00007ff68e997b89 / 0x0107b89: 00 != 41
- 4fd0.56f8: 00007ff68e997b8a / 0x0107b8a: 00 != 44
- 4fd0.56f8: 00007ff68e997b8b / 0x0107b8b: 00 != 44
- 4fd0.56f8: 00007ff68e997b8c / 0x0107b8c: 00 != 49
- 4fd0.56f8: 00007ff68e997b8d / 0x0107b8d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b8e / 0x0107b8e: 00 != 47
- 4fd0.56f8: 00007ff68e997b8f / 0x0107b8f: 00 != 58
- 4fd0.56f8: 00007ff68e997b90 / 0x0107b90: 00 != 58
- 4fd0.56f8: 00007ff68e997b91 / 0x0107b91: 00 != 50
- 4fd0.56f8: 00007ff68e997b92 / 0x0107b92: 00 != 41
- 4fd0.56f8: 00007ff68e997b93 / 0x0107b93: 00 != 44
- 4fd0.56f8: 00007ff68e997b94 / 0x0107b94: 00 != 44
- 4fd0.56f8: 00007ff68e997b95 / 0x0107b95: 00 != 49
- 4fd0.56f8: 00007ff68e997b96 / 0x0107b96: 00 != 4e
- 4fd0.56f8: 00007ff68e997b97 / 0x0107b97: 00 != 47
- 4fd0.56f8: 00007ff68e997b98 / 0x0107b98: 00 != 50
- 4fd0.56f8: 00007ff68e997b99 / 0x0107b99: 00 != 41
- 4fd0.56f8: 00007ff68e997b9a / 0x0107b9a: 00 != 44
- 4fd0.56f8: 00007ff68e997b9b / 0x0107b9b: 00 != 44
- 4fd0.56f8: 00007ff68e997b9c / 0x0107b9c: 00 != 49
- 4fd0.56f8: 00007ff68e997b9d / 0x0107b9d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b9e / 0x0107b9e: 00 != 47
- 4fd0.56f8: 00007ff68e997b9f / 0x0107b9f: 00 != 58
- 4fd0.56f8: 00007ff68e997ba0 / 0x0107ba0: 00 != 58
- 4fd0.56f8: 00007ff68e997ba1 / 0x0107ba1: 00 != 50
- 4fd0.56f8: 00007ff68e997ba2 / 0x0107ba2: 00 != 41
- 4fd0.56f8: 00007ff68e997ba3 / 0x0107ba3: 00 != 44
- 4fd0.56f8: 00007ff68e997ba4 / 0x0107ba4: 00 != 44
- 4fd0.56f8: 00007ff68e997ba5 / 0x0107ba5: 00 != 49
- 4fd0.56f8: 00007ff68e997ba6 / 0x0107ba6: 00 != 4e
- 4fd0.56f8: 00007ff68e997ba7 / 0x0107ba7: 00 != 47
- 4fd0.56f8: 00007ff68e997ba8 / 0x0107ba8: 00 != 50
- 4fd0.56f8: 00007ff68e997ba9 / 0x0107ba9: 00 != 41
- 4fd0.56f8: 00007ff68e997baa / 0x0107baa: 00 != 44
- 4fd0.56f8: 00007ff68e997bab / 0x0107bab: 00 != 44
- 4fd0.56f8: 00007ff68e997bac / 0x0107bac: 00 != 49
- 4fd0.56f8: 00007ff68e997bad / 0x0107bad: 00 != 4e
- 4fd0.56f8: 00007ff68e997bae / 0x0107bae: 00 != 47
- 4fd0.56f8: 00007ff68e997baf / 0x0107baf: 00 != 58
- 4fd0.56f8: 00007ff68e997bb0 / 0x0107bb0: 00 != 58
- 4fd0.56f8: 00007ff68e997bb1 / 0x0107bb1: 00 != 50
- 4fd0.56f8: 00007ff68e997bb2 / 0x0107bb2: 00 != 41
- 4fd0.56f8: 00007ff68e997bb3 / 0x0107bb3: 00 != 44
- 4fd0.56f8: 00007ff68e997bb4 / 0x0107bb4: 00 != 44
- 4fd0.56f8: 00007ff68e997bb5 / 0x0107bb5: 00 != 49
- 4fd0.56f8: 00007ff68e997bb6 / 0x0107bb6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bb7 / 0x0107bb7: 00 != 47
- 4fd0.56f8: 00007ff68e997bb8 / 0x0107bb8: 00 != 50
- 4fd0.56f8: 00007ff68e997bb9 / 0x0107bb9: 00 != 41
- 4fd0.56f8: 00007ff68e997bba / 0x0107bba: 00 != 44
- 4fd0.56f8: 00007ff68e997bbb / 0x0107bbb: 00 != 44
- 4fd0.56f8: 00007ff68e997bbc / 0x0107bbc: 00 != 49
- 4fd0.56f8: 00007ff68e997bbd / 0x0107bbd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bbe / 0x0107bbe: 00 != 47
- 4fd0.56f8: 00007ff68e997bbf / 0x0107bbf: 00 != 58
- 4fd0.56f8: 00007ff68e997bc0 / 0x0107bc0: 00 != 58
- 4fd0.56f8: 00007ff68e997bc1 / 0x0107bc1: 00 != 50
- 4fd0.56f8: 00007ff68e997bc2 / 0x0107bc2: 00 != 41
- 4fd0.56f8: 00007ff68e997bc3 / 0x0107bc3: 00 != 44
- 4fd0.56f8: 00007ff68e997bc4 / 0x0107bc4: 00 != 44
- 4fd0.56f8: 00007ff68e997bc5 / 0x0107bc5: 00 != 49
- 4fd0.56f8: 00007ff68e997bc6 / 0x0107bc6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bc7 / 0x0107bc7: 00 != 47
- 4fd0.56f8: 00007ff68e997bc8 / 0x0107bc8: 00 != 50
- 4fd0.56f8: 00007ff68e997bc9 / 0x0107bc9: 00 != 41
- 4fd0.56f8: 00007ff68e997bca / 0x0107bca: 00 != 44
- 4fd0.56f8: 00007ff68e997bcb / 0x0107bcb: 00 != 44
- 4fd0.56f8: 00007ff68e997bcc / 0x0107bcc: 00 != 49
- 4fd0.56f8: 00007ff68e997bcd / 0x0107bcd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bce / 0x0107bce: 00 != 47
- 4fd0.56f8: 00007ff68e997bcf / 0x0107bcf: 00 != 58
- 4fd0.56f8: 00007ff68e997bd0 / 0x0107bd0: 00 != 58
- 4fd0.56f8: 00007ff68e997bd1 / 0x0107bd1: 00 != 50
- 4fd0.56f8: 00007ff68e997bd2 / 0x0107bd2: 00 != 41
- 4fd0.56f8: 00007ff68e997bd3 / 0x0107bd3: 00 != 44
- 4fd0.56f8: 00007ff68e997bd4 / 0x0107bd4: 00 != 44
- 4fd0.56f8: 00007ff68e997bd5 / 0x0107bd5: 00 != 49
- 4fd0.56f8: 00007ff68e997bd6 / 0x0107bd6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bd7 / 0x0107bd7: 00 != 47
- 4fd0.56f8: 00007ff68e997bd8 / 0x0107bd8: 00 != 50
- 4fd0.56f8: 00007ff68e997bd9 / 0x0107bd9: 00 != 41
- 4fd0.56f8: 00007ff68e997bda / 0x0107bda: 00 != 44
- 4fd0.56f8: 00007ff68e997bdb / 0x0107bdb: 00 != 44
- 4fd0.56f8: 00007ff68e997bdc / 0x0107bdc: 00 != 49
- 4fd0.56f8: 00007ff68e997bdd / 0x0107bdd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bde / 0x0107bde: 00 != 47
- 4fd0.56f8: 00007ff68e997bdf / 0x0107bdf: 00 != 58
- 4fd0.56f8: 00007ff68e997be0 / 0x0107be0: 00 != 58
- 4fd0.56f8: 00007ff68e997be1 / 0x0107be1: 00 != 50
- 4fd0.56f8: 00007ff68e997be2 / 0x0107be2: 00 != 41
- 4fd0.56f8: 00007ff68e997be3 / 0x0107be3: 00 != 44
- 4fd0.56f8: 00007ff68e997be4 / 0x0107be4: 00 != 44
- 4fd0.56f8: 00007ff68e997be5 / 0x0107be5: 00 != 49
- 4fd0.56f8: 00007ff68e997be6 / 0x0107be6: 00 != 4e
- 4fd0.56f8: 00007ff68e997be7 / 0x0107be7: 00 != 47
- 4fd0.56f8: 00007ff68e997be8 / 0x0107be8: 00 != 50
- 4fd0.56f8: 00007ff68e997be9 / 0x0107be9: 00 != 41
- 4fd0.56f8: 00007ff68e997bea / 0x0107bea: 00 != 44
- 4fd0.56f8: 00007ff68e997beb / 0x0107beb: 00 != 44
- 4fd0.56f8: 00007ff68e997bec / 0x0107bec: 00 != 49
- 4fd0.56f8: 00007ff68e997bed / 0x0107bed: 00 != 4e
- 4fd0.56f8: 00007ff68e997bee / 0x0107bee: 00 != 47
- 4fd0.56f8: 00007ff68e997bef / 0x0107bef: 00 != 58
- 4fd0.56f8: 00007ff68e997bf0 / 0x0107bf0: 00 != 58
- 4fd0.56f8: 00007ff68e997bf1 / 0x0107bf1: 00 != 50
- 4fd0.56f8: 00007ff68e997bf2 / 0x0107bf2: 00 != 41
- 4fd0.56f8: 00007ff68e997bf3 / 0x0107bf3: 00 != 44
- 4fd0.56f8: 00007ff68e997bf4 / 0x0107bf4: 00 != 44
- 4fd0.56f8: 00007ff68e997bf5 / 0x0107bf5: 00 != 49
- 4fd0.56f8: 00007ff68e997bf6 / 0x0107bf6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bf7 / 0x0107bf7: 00 != 47
- 4fd0.56f8: 00007ff68e997bf8 / 0x0107bf8: 00 != 50
- 4fd0.56f8: 00007ff68e997bf9 / 0x0107bf9: 00 != 41
- 4fd0.56f8: 00007ff68e997bfa / 0x0107bfa: 00 != 44
- 4fd0.56f8: 00007ff68e997bfb / 0x0107bfb: 00 != 44
- 4fd0.56f8: 00007ff68e997bfc / 0x0107bfc: 00 != 49
- 4fd0.56f8: 00007ff68e997bfd / 0x0107bfd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bfe / 0x0107bfe: 00 != 47
- 4fd0.56f8: 00007ff68e997bff / 0x0107bff: 00 != 58
- 4fd0.56f8: Restored 0x4d8 bytes of original file content at 00007ff68e997b28
- 4fd0.56f8: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
- 4fd0.56f8: ntdll.dll: Differences in section #1 (.text) between file and memory:
- 4fd0.56f8: 00007ffde4f1ef70 / 0x000ef70: 48 != e9
- 4fd0.56f8: 00007ffde4f1ef71 / 0x000ef71: 89 != 23
- 4fd0.56f8: 00007ffde4f1ef72 / 0x000ef72: 5c != 13
- 4fd0.56f8: 00007ffde4f1ef73 / 0x000ef73: 24 != 06
- 4fd0.56f8: 00007ffde4f1ef74 / 0x000ef74: 08 != c0
- 4fd0.56f8: 00007ffde4f1ef75 / 0x000ef75: 57 != cc
- 4fd0.56f8: Restored 0x2000 bytes of original file content at 00007ffde4f1d000
- 4fd0.56f8: ntdll.dll: Differences in section #1 (.text) between file and memory:
- 4fd0.56f8: 00007ffde4f257e0 / 0x00157e0: 4c != e9
- 4fd0.56f8: 00007ffde4f257e1 / 0x00157e1: 89 != 53
- 4fd0.56f8: 00007ffde4f257e2 / 0x00157e2: 4c != aa
- 4fd0.56f8: 00007ffde4f257e3 / 0x00157e3: 24 != 05
- 4fd0.56f8: 00007ffde4f257e4 / 0x00157e4: 20 != c0
- 4fd0.56f8: 00007ffde4f257e5 / 0x00157e5: 48 != cc
- 4fd0.56f8: 00007ffde4f257e6 / 0x00157e6: 89 != cc
- 4fd0.56f8: 00007ffde4f257e7 / 0x00157e7: 54 != cc
- 4fd0.56f8: 00007ffde4f257e8 / 0x00157e8: 24 != cc
- 4fd0.56f8: 00007ffde4f257e9 / 0x00157e9: 10 != cc
- 4fd0.56f8: Restored 0x2000 bytes of original file content at 00007ffde4f25000
- 4fd0.56f8: ntdll.dll: Differences in section #1 (.text) between file and memory:
- 4fd0.56f8: 00007ffde4f92070 / 0x0082070: 45 != e9
- 4fd0.56f8: 00007ffde4f92071 / 0x0082071: 33 != 03
- 4fd0.56f8: 00007ffde4f92072 / 0x0082072: c0 != e1
- 4fd0.56f8: 00007ffde4f92073 / 0x0082073: e9 != fe
- 4fd0.56f8: 00007ffde4f92074 / 0x0082074: 08 != bf
- 4fd0.56f8: 00007ffde4f92075 / 0x0082075: 00 != cc
- 4fd0.56f8: 00007ffde4f92076 / 0x0082076: 00 != cc
- 4fd0.56f8: 00007ffde4f92077 / 0x0082077: 00 != cc
- 4fd0.56f8: Restored 0x2000 bytes of original file content at 00007ffde4f91c1e
- 4fd0.56f8: ntdll.dll: Differences in section #1 (.text) between file and memory:
- 4fd0.56f8: 00007ffde5005850 / 0x00f5850: 48 != e9
- 4fd0.56f8: 00007ffde5005851 / 0x00f5851: 89 != 83
- 4fd0.56f8: 00007ffde5005852 / 0x00f5852: 5c != a9
- 4fd0.56f8: 00007ffde5005853 / 0x00f5853: 24 != f7
- 4fd0.56f8: 00007ffde5005854 / 0x00f5854: 08 != bf
- 4fd0.56f8: 00007ffde5005855 / 0x00f5855: 57 != cc
- 4fd0.56f8: Restored 0x2000 bytes of original file content at 00007ffde50053ae
- 4fd0.56f8: ntdll.dll: Differences in section #8 (.00cfg) between file and memory:
- 4fd0.56f8: 00007ffde5095001 / 0x0185001: 10 != cd
- 4fd0.56f8: 00007ffde5095002 / 0x0185002: fb != f9
- 4fd0.56f8: Restored 0x8 bytes of original file content at 00007ffde5095000
- 4fd0.56f8: kernel32.dll: Differences in section #2 (.rdata) between file and memory:
- 4fd0.56f8: 00007ffde4016640 / 0x0086640: e0 != 60
- 4fd0.56f8: 00007ffde4016641 / 0x0086641: 8e != cc
- 4fd0.56f8: 00007ffde4016642 / 0x0086642: fb != f9
- 4fd0.56f8: 00007ffde4016643 / 0x0086643: e3 != e4
- 4fd0.56f8: 00007ffde4016649 / 0x0086649: 91 != cd
- 4fd0.56f8: 00007ffde401664a / 0x008664a: fb != f9
- 4fd0.56f8: 00007ffde401664b / 0x008664b: e3 != e4
- 4fd0.56f8: Restored 0x2000 bytes of original file content at 00007ffde4016000
- 4fd0.56f8: kernelbase.dll: Differences in section #2 (.rdata) between file and memory:
- 4fd0.56f8: 00007ffde2a8d040 / 0x01ed040: 30 != 60
- 4fd0.56f8: 00007ffde2a8d041 / 0x01ed041: e3 != cc
- 4fd0.56f8: 00007ffde2a8d042 / 0x01ed042: 95 != f9
- 4fd0.56f8: 00007ffde2a8d043 / 0x01ed043: e2 != e4
- 4fd0.56f8: 00007ffde2a8d048 / 0x01ed048: e0 != 00
- 4fd0.56f8: 00007ffde2a8d049 / 0x01ed049: e6 != cd
- 4fd0.56f8: 00007ffde2a8d04a / 0x01ed04a: 95 != f9
- 4fd0.56f8: 00007ffde2a8d04b / 0x01ed04b: e2 != e4
- 4fd0.56f8: Restored 0x2000 bytes of original file content at 00007ffde2a8d000
- 4fd0.56f8: supHardNtVpCheckHandles:
- 4fd0.56f8: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=9
- 4fd0.56f8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
- 4fd0.56f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
- 4fd0.56f8: supR3HardNtEnableThreadCreationEx:
- 4fd0.56f8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffde4f85c10 pvNtTerminateThread=00007ffde4fadf40
- 4fd0.56f8: supR3HardenedWinDoReSpawn(1): New child 50e0.3c8 [kernel32].
- 4fd0.56f8: supR3HardNtChildGatherData: PebBaseAddress=0000000707b1d000 cbPeb=0x388
- 4fd0.56f8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffde4f10000 uNtDllChildAddr=00007ffde4f10000
- 4fd0.56f8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffde4f85c10
- 4fd0.56f8: supR3HardenedWinSetupChildInit: Initial context:
- rax=0000000000000000 rbx=0000000000000000 rcx=00007ff68e89b850 rdx=0000000707b1d000
- rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
- r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
- rip=00007ffde4f5cc70 rsp=000000070792fe48 rbp=0000000000000000 ctxflags=0010001b
- cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
- P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
- dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
- dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
- lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
- 4fd0.56f8: supR3HardenedWinSetupChildInit: Start child.
- 4fd0.56f8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
- 4fd0.56f8: supR3HardNtChildPurify: Startup delay kludge #1/0: 518 ms, 58 sleeps
- 4fd0.56f8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
- 4fd0.56f8: *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
- 4fd0.56f8: 000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
- 4fd0.56f8: 000000007ffef000-000000070782ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000000707830000-000000070792afff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 000000070792b000-000000070792dfff 0x0104/0x0004 0x0020000
- 4fd0.56f8: 000000070792e000-000000070792ffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000000707930000-00000007079fffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000000707a00000-0000000707b1cfff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000707b1d000-0000000707b1ffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000000707b20000-0000000707bfffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000707c00000-0000012db5e8ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5e90000-0000012db5eaffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: *0000012db5eb0000-0000012db5eccfff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000012db5ecd000-0000012db5ecffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5ed0000-0000012db5ed0fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000012db5ed1000-0000012db5edffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5ee0000-0000012db5ee0fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000012db5ee1000-0000012db5eeffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5ef0000-0000012db5ef3fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000012db5ef4000-0000012db5efffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5f00000-0000012db5f00fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000012db5f01000-0000012db5f0ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5f10000-0000012db5f11fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000012db5f12000-00007df5dea1ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5dea20000-00007df5dea20fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df5dea21000-00007df5dea2ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5dea30000-00007df5dea52fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df5dea53000-00007df5dea5ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5dea60000-00007df5e0397fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0398000-00007df5e0572fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0573000-00007df5e0826fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0827000-00007df5e0827fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0828000-00007ff5b8e01fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5b8e02000-00007ff5b8e06fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5b8e07000-00007ff5d3704fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5d3705000-00007ff5d639bfff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5d639c000-00007ff5d63a4fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5d63a5000-00007ff5dea5ffff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5dea60000-00007ff68e88ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ff68e890000-00007ff68e890fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e891000-00007ff68e8fbfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e8fc000-00007ff68e8fcfff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e8fd000-00007ff68e951fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e952000-00007ff68e952fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e953000-00007ff68e953fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e954000-00007ff68e958fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e959000-00007ff68e95efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e95f000-00007ff68e999fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e99a000-00007ffde4f0ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffde4f10000-00007ffde4f10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde4f11000-00007ffde502cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde502d000-00007ffde5075fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5076000-00007ffde5081fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5082000-00007ffde5090fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5091000-00007ffde5091fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5092000-00007ffde5094fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5095000-00007ffde5107fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5108000-00007ffffffeffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: VirtualBoxVM.exe: Differences in section #8 (.rsrc) between file and memory:
- 4fd0.56f8: 00007ff68e997b28 / 0x0107b28: 00 != 50
- 4fd0.56f8: 00007ff68e997b29 / 0x0107b29: 00 != 41
- 4fd0.56f8: 00007ff68e997b2a / 0x0107b2a: 00 != 44
- 4fd0.56f8: 00007ff68e997b2b / 0x0107b2b: 00 != 44
- 4fd0.56f8: 00007ff68e997b2c / 0x0107b2c: 00 != 49
- 4fd0.56f8: 00007ff68e997b2d / 0x0107b2d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b2e / 0x0107b2e: 00 != 47
- 4fd0.56f8: 00007ff68e997b2f / 0x0107b2f: 00 != 58
- 4fd0.56f8: 00007ff68e997b30 / 0x0107b30: 00 != 58
- 4fd0.56f8: 00007ff68e997b31 / 0x0107b31: 00 != 50
- 4fd0.56f8: 00007ff68e997b32 / 0x0107b32: 00 != 41
- 4fd0.56f8: 00007ff68e997b33 / 0x0107b33: 00 != 44
- 4fd0.56f8: 00007ff68e997b34 / 0x0107b34: 00 != 44
- 4fd0.56f8: 00007ff68e997b35 / 0x0107b35: 00 != 49
- 4fd0.56f8: 00007ff68e997b36 / 0x0107b36: 00 != 4e
- 4fd0.56f8: 00007ff68e997b37 / 0x0107b37: 00 != 47
- 4fd0.56f8: 00007ff68e997b38 / 0x0107b38: 00 != 50
- 4fd0.56f8: 00007ff68e997b39 / 0x0107b39: 00 != 41
- 4fd0.56f8: 00007ff68e997b3a / 0x0107b3a: 00 != 44
- 4fd0.56f8: 00007ff68e997b3b / 0x0107b3b: 00 != 44
- 4fd0.56f8: 00007ff68e997b3c / 0x0107b3c: 00 != 49
- 4fd0.56f8: 00007ff68e997b3d / 0x0107b3d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b3e / 0x0107b3e: 00 != 47
- 4fd0.56f8: 00007ff68e997b3f / 0x0107b3f: 00 != 58
- 4fd0.56f8: 00007ff68e997b40 / 0x0107b40: 00 != 58
- 4fd0.56f8: 00007ff68e997b41 / 0x0107b41: 00 != 50
- 4fd0.56f8: 00007ff68e997b42 / 0x0107b42: 00 != 41
- 4fd0.56f8: 00007ff68e997b43 / 0x0107b43: 00 != 44
- 4fd0.56f8: 00007ff68e997b44 / 0x0107b44: 00 != 44
- 4fd0.56f8: 00007ff68e997b45 / 0x0107b45: 00 != 49
- 4fd0.56f8: 00007ff68e997b46 / 0x0107b46: 00 != 4e
- 4fd0.56f8: 00007ff68e997b47 / 0x0107b47: 00 != 47
- 4fd0.56f8: 00007ff68e997b48 / 0x0107b48: 00 != 50
- 4fd0.56f8: 00007ff68e997b49 / 0x0107b49: 00 != 41
- 4fd0.56f8: 00007ff68e997b4a / 0x0107b4a: 00 != 44
- 4fd0.56f8: 00007ff68e997b4b / 0x0107b4b: 00 != 44
- 4fd0.56f8: 00007ff68e997b4c / 0x0107b4c: 00 != 49
- 4fd0.56f8: 00007ff68e997b4d / 0x0107b4d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b4e / 0x0107b4e: 00 != 47
- 4fd0.56f8: 00007ff68e997b4f / 0x0107b4f: 00 != 58
- 4fd0.56f8: 00007ff68e997b50 / 0x0107b50: 00 != 58
- 4fd0.56f8: 00007ff68e997b51 / 0x0107b51: 00 != 50
- 4fd0.56f8: 00007ff68e997b52 / 0x0107b52: 00 != 41
- 4fd0.56f8: 00007ff68e997b53 / 0x0107b53: 00 != 44
- 4fd0.56f8: 00007ff68e997b54 / 0x0107b54: 00 != 44
- 4fd0.56f8: 00007ff68e997b55 / 0x0107b55: 00 != 49
- 4fd0.56f8: 00007ff68e997b56 / 0x0107b56: 00 != 4e
- 4fd0.56f8: 00007ff68e997b57 / 0x0107b57: 00 != 47
- 4fd0.56f8: 00007ff68e997b58 / 0x0107b58: 00 != 50
- 4fd0.56f8: 00007ff68e997b59 / 0x0107b59: 00 != 41
- 4fd0.56f8: 00007ff68e997b5a / 0x0107b5a: 00 != 44
- 4fd0.56f8: 00007ff68e997b5b / 0x0107b5b: 00 != 44
- 4fd0.56f8: 00007ff68e997b5c / 0x0107b5c: 00 != 49
- 4fd0.56f8: 00007ff68e997b5d / 0x0107b5d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b5e / 0x0107b5e: 00 != 47
- 4fd0.56f8: 00007ff68e997b5f / 0x0107b5f: 00 != 58
- 4fd0.56f8: 00007ff68e997b60 / 0x0107b60: 00 != 58
- 4fd0.56f8: 00007ff68e997b61 / 0x0107b61: 00 != 50
- 4fd0.56f8: 00007ff68e997b62 / 0x0107b62: 00 != 41
- 4fd0.56f8: 00007ff68e997b63 / 0x0107b63: 00 != 44
- 4fd0.56f8: 00007ff68e997b64 / 0x0107b64: 00 != 44
- 4fd0.56f8: 00007ff68e997b65 / 0x0107b65: 00 != 49
- 4fd0.56f8: 00007ff68e997b66 / 0x0107b66: 00 != 4e
- 4fd0.56f8: 00007ff68e997b67 / 0x0107b67: 00 != 47
- 4fd0.56f8: 00007ff68e997b68 / 0x0107b68: 00 != 50
- 4fd0.56f8: 00007ff68e997b69 / 0x0107b69: 00 != 41
- 4fd0.56f8: 00007ff68e997b6a / 0x0107b6a: 00 != 44
- 4fd0.56f8: 00007ff68e997b6b / 0x0107b6b: 00 != 44
- 4fd0.56f8: 00007ff68e997b6c / 0x0107b6c: 00 != 49
- 4fd0.56f8: 00007ff68e997b6d / 0x0107b6d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b6e / 0x0107b6e: 00 != 47
- 4fd0.56f8: 00007ff68e997b6f / 0x0107b6f: 00 != 58
- 4fd0.56f8: 00007ff68e997b70 / 0x0107b70: 00 != 58
- 4fd0.56f8: 00007ff68e997b71 / 0x0107b71: 00 != 50
- 4fd0.56f8: 00007ff68e997b72 / 0x0107b72: 00 != 41
- 4fd0.56f8: 00007ff68e997b73 / 0x0107b73: 00 != 44
- 4fd0.56f8: 00007ff68e997b74 / 0x0107b74: 00 != 44
- 4fd0.56f8: 00007ff68e997b75 / 0x0107b75: 00 != 49
- 4fd0.56f8: 00007ff68e997b76 / 0x0107b76: 00 != 4e
- 4fd0.56f8: 00007ff68e997b77 / 0x0107b77: 00 != 47
- 4fd0.56f8: 00007ff68e997b78 / 0x0107b78: 00 != 50
- 4fd0.56f8: 00007ff68e997b79 / 0x0107b79: 00 != 41
- 4fd0.56f8: 00007ff68e997b7a / 0x0107b7a: 00 != 44
- 4fd0.56f8: 00007ff68e997b7b / 0x0107b7b: 00 != 44
- 4fd0.56f8: 00007ff68e997b7c / 0x0107b7c: 00 != 49
- 4fd0.56f8: 00007ff68e997b7d / 0x0107b7d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b7e / 0x0107b7e: 00 != 47
- 4fd0.56f8: 00007ff68e997b7f / 0x0107b7f: 00 != 58
- 4fd0.56f8: 00007ff68e997b80 / 0x0107b80: 00 != 58
- 4fd0.56f8: 00007ff68e997b81 / 0x0107b81: 00 != 50
- 4fd0.56f8: 00007ff68e997b82 / 0x0107b82: 00 != 41
- 4fd0.56f8: 00007ff68e997b83 / 0x0107b83: 00 != 44
- 4fd0.56f8: 00007ff68e997b84 / 0x0107b84: 00 != 44
- 4fd0.56f8: 00007ff68e997b85 / 0x0107b85: 00 != 49
- 4fd0.56f8: 00007ff68e997b86 / 0x0107b86: 00 != 4e
- 4fd0.56f8: 00007ff68e997b87 / 0x0107b87: 00 != 47
- 4fd0.56f8: 00007ff68e997b88 / 0x0107b88: 00 != 50
- 4fd0.56f8: 00007ff68e997b89 / 0x0107b89: 00 != 41
- 4fd0.56f8: 00007ff68e997b8a / 0x0107b8a: 00 != 44
- 4fd0.56f8: 00007ff68e997b8b / 0x0107b8b: 00 != 44
- 4fd0.56f8: 00007ff68e997b8c / 0x0107b8c: 00 != 49
- 4fd0.56f8: 00007ff68e997b8d / 0x0107b8d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b8e / 0x0107b8e: 00 != 47
- 4fd0.56f8: 00007ff68e997b8f / 0x0107b8f: 00 != 58
- 4fd0.56f8: 00007ff68e997b90 / 0x0107b90: 00 != 58
- 4fd0.56f8: 00007ff68e997b91 / 0x0107b91: 00 != 50
- 4fd0.56f8: 00007ff68e997b92 / 0x0107b92: 00 != 41
- 4fd0.56f8: 00007ff68e997b93 / 0x0107b93: 00 != 44
- 4fd0.56f8: 00007ff68e997b94 / 0x0107b94: 00 != 44
- 4fd0.56f8: 00007ff68e997b95 / 0x0107b95: 00 != 49
- 4fd0.56f8: 00007ff68e997b96 / 0x0107b96: 00 != 4e
- 4fd0.56f8: 00007ff68e997b97 / 0x0107b97: 00 != 47
- 4fd0.56f8: 00007ff68e997b98 / 0x0107b98: 00 != 50
- 4fd0.56f8: 00007ff68e997b99 / 0x0107b99: 00 != 41
- 4fd0.56f8: 00007ff68e997b9a / 0x0107b9a: 00 != 44
- 4fd0.56f8: 00007ff68e997b9b / 0x0107b9b: 00 != 44
- 4fd0.56f8: 00007ff68e997b9c / 0x0107b9c: 00 != 49
- 4fd0.56f8: 00007ff68e997b9d / 0x0107b9d: 00 != 4e
- 4fd0.56f8: 00007ff68e997b9e / 0x0107b9e: 00 != 47
- 4fd0.56f8: 00007ff68e997b9f / 0x0107b9f: 00 != 58
- 4fd0.56f8: 00007ff68e997ba0 / 0x0107ba0: 00 != 58
- 4fd0.56f8: 00007ff68e997ba1 / 0x0107ba1: 00 != 50
- 4fd0.56f8: 00007ff68e997ba2 / 0x0107ba2: 00 != 41
- 4fd0.56f8: 00007ff68e997ba3 / 0x0107ba3: 00 != 44
- 4fd0.56f8: 00007ff68e997ba4 / 0x0107ba4: 00 != 44
- 4fd0.56f8: 00007ff68e997ba5 / 0x0107ba5: 00 != 49
- 4fd0.56f8: 00007ff68e997ba6 / 0x0107ba6: 00 != 4e
- 4fd0.56f8: 00007ff68e997ba7 / 0x0107ba7: 00 != 47
- 4fd0.56f8: 00007ff68e997ba8 / 0x0107ba8: 00 != 50
- 4fd0.56f8: 00007ff68e997ba9 / 0x0107ba9: 00 != 41
- 4fd0.56f8: 00007ff68e997baa / 0x0107baa: 00 != 44
- 4fd0.56f8: 00007ff68e997bab / 0x0107bab: 00 != 44
- 4fd0.56f8: 00007ff68e997bac / 0x0107bac: 00 != 49
- 4fd0.56f8: 00007ff68e997bad / 0x0107bad: 00 != 4e
- 4fd0.56f8: 00007ff68e997bae / 0x0107bae: 00 != 47
- 4fd0.56f8: 00007ff68e997baf / 0x0107baf: 00 != 58
- 4fd0.56f8: 00007ff68e997bb0 / 0x0107bb0: 00 != 58
- 4fd0.56f8: 00007ff68e997bb1 / 0x0107bb1: 00 != 50
- 4fd0.56f8: 00007ff68e997bb2 / 0x0107bb2: 00 != 41
- 4fd0.56f8: 00007ff68e997bb3 / 0x0107bb3: 00 != 44
- 4fd0.56f8: 00007ff68e997bb4 / 0x0107bb4: 00 != 44
- 4fd0.56f8: 00007ff68e997bb5 / 0x0107bb5: 00 != 49
- 4fd0.56f8: 00007ff68e997bb6 / 0x0107bb6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bb7 / 0x0107bb7: 00 != 47
- 4fd0.56f8: 00007ff68e997bb8 / 0x0107bb8: 00 != 50
- 4fd0.56f8: 00007ff68e997bb9 / 0x0107bb9: 00 != 41
- 4fd0.56f8: 00007ff68e997bba / 0x0107bba: 00 != 44
- 4fd0.56f8: 00007ff68e997bbb / 0x0107bbb: 00 != 44
- 4fd0.56f8: 00007ff68e997bbc / 0x0107bbc: 00 != 49
- 4fd0.56f8: 00007ff68e997bbd / 0x0107bbd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bbe / 0x0107bbe: 00 != 47
- 4fd0.56f8: 00007ff68e997bbf / 0x0107bbf: 00 != 58
- 4fd0.56f8: 00007ff68e997bc0 / 0x0107bc0: 00 != 58
- 4fd0.56f8: 00007ff68e997bc1 / 0x0107bc1: 00 != 50
- 4fd0.56f8: 00007ff68e997bc2 / 0x0107bc2: 00 != 41
- 4fd0.56f8: 00007ff68e997bc3 / 0x0107bc3: 00 != 44
- 4fd0.56f8: 00007ff68e997bc4 / 0x0107bc4: 00 != 44
- 4fd0.56f8: 00007ff68e997bc5 / 0x0107bc5: 00 != 49
- 4fd0.56f8: 00007ff68e997bc6 / 0x0107bc6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bc7 / 0x0107bc7: 00 != 47
- 4fd0.56f8: 00007ff68e997bc8 / 0x0107bc8: 00 != 50
- 4fd0.56f8: 00007ff68e997bc9 / 0x0107bc9: 00 != 41
- 4fd0.56f8: 00007ff68e997bca / 0x0107bca: 00 != 44
- 4fd0.56f8: 00007ff68e997bcb / 0x0107bcb: 00 != 44
- 4fd0.56f8: 00007ff68e997bcc / 0x0107bcc: 00 != 49
- 4fd0.56f8: 00007ff68e997bcd / 0x0107bcd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bce / 0x0107bce: 00 != 47
- 4fd0.56f8: 00007ff68e997bcf / 0x0107bcf: 00 != 58
- 4fd0.56f8: 00007ff68e997bd0 / 0x0107bd0: 00 != 58
- 4fd0.56f8: 00007ff68e997bd1 / 0x0107bd1: 00 != 50
- 4fd0.56f8: 00007ff68e997bd2 / 0x0107bd2: 00 != 41
- 4fd0.56f8: 00007ff68e997bd3 / 0x0107bd3: 00 != 44
- 4fd0.56f8: 00007ff68e997bd4 / 0x0107bd4: 00 != 44
- 4fd0.56f8: 00007ff68e997bd5 / 0x0107bd5: 00 != 49
- 4fd0.56f8: 00007ff68e997bd6 / 0x0107bd6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bd7 / 0x0107bd7: 00 != 47
- 4fd0.56f8: 00007ff68e997bd8 / 0x0107bd8: 00 != 50
- 4fd0.56f8: 00007ff68e997bd9 / 0x0107bd9: 00 != 41
- 4fd0.56f8: 00007ff68e997bda / 0x0107bda: 00 != 44
- 4fd0.56f8: 00007ff68e997bdb / 0x0107bdb: 00 != 44
- 4fd0.56f8: 00007ff68e997bdc / 0x0107bdc: 00 != 49
- 4fd0.56f8: 00007ff68e997bdd / 0x0107bdd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bde / 0x0107bde: 00 != 47
- 4fd0.56f8: 00007ff68e997bdf / 0x0107bdf: 00 != 58
- 4fd0.56f8: 00007ff68e997be0 / 0x0107be0: 00 != 58
- 4fd0.56f8: 00007ff68e997be1 / 0x0107be1: 00 != 50
- 4fd0.56f8: 00007ff68e997be2 / 0x0107be2: 00 != 41
- 4fd0.56f8: 00007ff68e997be3 / 0x0107be3: 00 != 44
- 4fd0.56f8: 00007ff68e997be4 / 0x0107be4: 00 != 44
- 4fd0.56f8: 00007ff68e997be5 / 0x0107be5: 00 != 49
- 4fd0.56f8: 00007ff68e997be6 / 0x0107be6: 00 != 4e
- 4fd0.56f8: 00007ff68e997be7 / 0x0107be7: 00 != 47
- 4fd0.56f8: 00007ff68e997be8 / 0x0107be8: 00 != 50
- 4fd0.56f8: 00007ff68e997be9 / 0x0107be9: 00 != 41
- 4fd0.56f8: 00007ff68e997bea / 0x0107bea: 00 != 44
- 4fd0.56f8: 00007ff68e997beb / 0x0107beb: 00 != 44
- 4fd0.56f8: 00007ff68e997bec / 0x0107bec: 00 != 49
- 4fd0.56f8: 00007ff68e997bed / 0x0107bed: 00 != 4e
- 4fd0.56f8: 00007ff68e997bee / 0x0107bee: 00 != 47
- 4fd0.56f8: 00007ff68e997bef / 0x0107bef: 00 != 58
- 4fd0.56f8: 00007ff68e997bf0 / 0x0107bf0: 00 != 58
- 4fd0.56f8: 00007ff68e997bf1 / 0x0107bf1: 00 != 50
- 4fd0.56f8: 00007ff68e997bf2 / 0x0107bf2: 00 != 41
- 4fd0.56f8: 00007ff68e997bf3 / 0x0107bf3: 00 != 44
- 4fd0.56f8: 00007ff68e997bf4 / 0x0107bf4: 00 != 44
- 4fd0.56f8: 00007ff68e997bf5 / 0x0107bf5: 00 != 49
- 4fd0.56f8: 00007ff68e997bf6 / 0x0107bf6: 00 != 4e
- 4fd0.56f8: 00007ff68e997bf7 / 0x0107bf7: 00 != 47
- 4fd0.56f8: 00007ff68e997bf8 / 0x0107bf8: 00 != 50
- 4fd0.56f8: 00007ff68e997bf9 / 0x0107bf9: 00 != 41
- 4fd0.56f8: 00007ff68e997bfa / 0x0107bfa: 00 != 44
- 4fd0.56f8: 00007ff68e997bfb / 0x0107bfb: 00 != 44
- 4fd0.56f8: 00007ff68e997bfc / 0x0107bfc: 00 != 49
- 4fd0.56f8: 00007ff68e997bfd / 0x0107bfd: 00 != 4e
- 4fd0.56f8: 00007ff68e997bfe / 0x0107bfe: 00 != 47
- 4fd0.56f8: 00007ff68e997bff / 0x0107bff: 00 != 58
- 4fd0.56f8: Restored 0x4d8 bytes of original file content at 00007ff68e997b28
- 4fd0.56f8: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x4
- 4fd0.56f8: supR3HardNtChildPurify: Startup delay kludge #1/1: 516 ms, 58 sleeps
- 4fd0.56f8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
- 4fd0.56f8: *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
- 4fd0.56f8: 000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
- 4fd0.56f8: 000000007ffef000-000000070782ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000000707830000-000000070792afff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 000000070792b000-000000070792dfff 0x0104/0x0004 0x0020000
- 4fd0.56f8: 000000070792e000-000000070792ffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000000707930000-00000007079fffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000000707a00000-0000000707b1cfff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000707b1d000-0000000707b1ffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000000707b20000-0000000707bfffff 0x0000/0x0004 0x0020000
- 4fd0.56f8: 0000000707c00000-0000012db5e8ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5e90000-0000012db5eaffff 0x0004/0x0004 0x0020000
- 4fd0.56f8: *0000012db5eb0000-0000012db5eccfff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000012db5ecd000-0000012db5ecffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5ed0000-0000012db5ed0fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000012db5ed1000-0000012db5edffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5ee0000-0000012db5ee0fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000012db5ee1000-0000012db5eeffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5ef0000-0000012db5ef3fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000012db5ef4000-0000012db5efffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5f00000-0000012db5f00fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 0000012db5f01000-0000012db5f0ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *0000012db5f10000-0000012db5f11fff 0x0004/0x0004 0x0020000
- 4fd0.56f8: 0000012db5f12000-00007df5dea1ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5dea20000-00007df5dea20fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df5dea21000-00007df5dea2ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5dea30000-00007df5dea52fff 0x0002/0x0002 0x0040000
- 4fd0.56f8: 00007df5dea53000-00007df5dea5ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007df5dea60000-00007df5e0397fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0398000-00007df5e0572fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0573000-00007df5e0826fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0827000-00007df5e0827fff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007df5e0828000-00007ff5b8e01fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5b8e02000-00007ff5b8e06fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5b8e07000-00007ff5d3704fff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5d3705000-00007ff5d639bfff 0x0001/0x0001 0x0040000
- 4fd0.56f8: 00007ff5d639c000-00007ff5d63a4fff 0x0002/0x0001 0x0040000
- 4fd0.56f8: 00007ff5d63a5000-00007ff5dea5ffff 0x0000/0x0001 0x0040000
- 4fd0.56f8: 00007ff5dea60000-00007ff68e88ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ff68e890000-00007ff68e890fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e891000-00007ff68e8fbfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e8fc000-00007ff68e8fcfff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e8fd000-00007ff68e951fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e952000-00007ff68e95efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e95f000-00007ff68e999fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
- 4fd0.56f8: 00007ff68e99a000-00007ffde4f0ffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: *00007ffde4f10000-00007ffde4f10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde4f11000-00007ffde502cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde502d000-00007ffde5075fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5076000-00007ffde5079fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde507a000-00007ffde5081fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5082000-00007ffde5090fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5091000-00007ffde5091fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5092000-00007ffde5094fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5095000-00007ffde5107fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
- 4fd0.56f8: 00007ffde5108000-00007ffffffeffff 0x0001/0x0000 0x0000000
- 4fd0.56f8: supR3HardNtChildPurify: Done after 1041 ms and 1 fixes (loop #1).
- 50e0.3c8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffde4f10000 g_uNtVerCombined=0xa04a6500 (stack ~000000070792ec20)
- 50e0.3c8: ntdll.dll: timestamp 0xab0dece3 (rc=VINF_SUCCESS)
- 50e0.3c8: New simple heap: #1 0000012db6020000 LB 0x400000 (for 2064384 allocation)
- 4fd0.56f8: supR3HardNtEnableThreadCreationEx:
- 50e0.3c8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
- 50e0.3c8: System32: \Device\HarddiskVolume4\Windows\System32
- 50e0.3c8: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
- 50e0.3c8: KnownDllPath: C:\WINDOWS\System32
- 50e0.3c8: supR3HardenedVmProcessInit: Opening vboxsup stub...
- 50e0.3c8: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
- 50e0.3c8: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
- 50e0.3c8: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
- 50e0.3c8: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
- Driver is probably stuck stopping/starting. Try 'sc.exe query vboxsup' to get more information about its state. Rebooting may actually help.
- 4fd0.56f8: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
- Driver is probably stuck stopping/starting. Try 'sc.exe query vboxsup' to get more information about its state. Rebooting may actually help.
- 50e0.3c8: KiUserExceptionDispatcher: 0xc0000005 (0000000000000001, 0000000000000024) @ 00007ffde4f749e6 (flags=0x0)
- rax=0000000000000000 rbx=00007ffde507c3c0 rcx=00007ffde507c3c0 rdx=00000000fffffffa
- rsi=0000000000000000 rdi=00007ffde507c000 r8 =0000000000000000 r9 =00007ffde507c300
- r10=0000000000000000 r11=000000070792a990 r12=0000000000000000 r13=0000000707b1e000
- r14=0000000000000001 r15=0000000000000000 P1=000000070792aad8 P2=00007ff68e9123bc
- rip=00007ffde4f749e6 rsp=000000070792a7f0 rbp=00000000ffffff00 ctxflags=0010005f
- cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b eflags=00010213 mxcrx=00001f80
- P3=000000070792a1d0 P4=00007ff60000000a P5=0000006200000000 P6=00007ff68e91203e
- dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
- dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
- lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
- 4fd0.56f8: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
- 4fd0.56f8: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
- Driver is probably stuck stopping/starting. Try 'sc.exe query vboxsup' to get more information about its state. Rebooting may actually help.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
