Ticket #17662: VBoxHardening.log

File VBoxHardening.log, 18.6 KB (added by AshokMazumder, 6 years ago)

Line
1	9d4.9d8: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000068 g_uNtVerCombined=0xa03ad700
2	9d4.9d8: \SystemRoot\System32\ntdll.dll:
3	9d4.9d8: CreationTime: 2017-03-18T20:57:39.201977500Z
4	9d4.9d8: LastWriteTime: 2017-03-18T20:57:39.201977500Z
5	9d4.9d8: ChangeTime: 2018-04-04T04:47:42.181105700Z
6	9d4.9d8: FileAttributes: 0x20
7	9d4.9d8: Size: 0x1d7450
8	9d4.9d8: NT Headers: 0xe0
9	9d4.9d8: Timestamp: 0xb79b6ddb
10	9d4.9d8: Machine: 0x8664 - amd64
11	9d4.9d8: Timestamp: 0xb79b6ddb
12	9d4.9d8: Image Version: 10.0
13	9d4.9d8: SizeOfImage: 0x1db000 (1945600)
14	9d4.9d8: Resource Dir: 0x170000 LB 0x69398
15	9d4.9d8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16	9d4.9d8: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17	9d4.9d8: ProductName: Microsoft® Windows® Operating System
18	9d4.9d8: ProductVersion: 10.0.15063.0
19	9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
20	9d4.9d8: FileDescription: NT Layer DLL
21	9d4.9d8: \SystemRoot\System32\kernel32.dll:
22	9d4.9d8: CreationTime: 2017-03-18T20:57:15.887502700Z
23	9d4.9d8: LastWriteTime: 2017-03-18T20:57:15.887502700Z
24	9d4.9d8: ChangeTime: 2018-04-04T04:47:39.931076300Z
25	9d4.9d8: FileAttributes: 0x20
26	9d4.9d8: Size: 0xad068
27	9d4.9d8: NT Headers: 0xf8
28	9d4.9d8: Timestamp: 0x17a3637d
29	9d4.9d8: Machine: 0x8664 - amd64
30	9d4.9d8: Timestamp: 0x17a3637d
31	9d4.9d8: Image Version: 10.0
32	9d4.9d8: SizeOfImage: 0xae000 (712704)
33	9d4.9d8: Resource Dir: 0xac000 LB 0x520
34	9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35	9d4.9d8: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36	9d4.9d8: ProductName: Microsoft® Windows® Operating System
37	9d4.9d8: ProductVersion: 10.0.15063.0
38	9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
39	9d4.9d8: FileDescription: Windows NT BASE API Client DLL
40	9d4.9d8: \SystemRoot\System32\KernelBase.dll:
41	9d4.9d8: CreationTime: 2017-03-18T20:57:35.951701900Z
42	9d4.9d8: LastWriteTime: 2017-03-18T20:57:35.951701900Z
43	9d4.9d8: ChangeTime: 2018-04-04T04:47:39.993574700Z
44	9d4.9d8: FileAttributes: 0x20
45	9d4.9d8: Size: 0x249bf0
46	9d4.9d8: NT Headers: 0x100
47	9d4.9d8: Timestamp: 0x461a0ff5
48	9d4.9d8: Machine: 0x8664 - amd64
49	9d4.9d8: Timestamp: 0x461a0ff5
50	9d4.9d8: Image Version: 10.0
51	9d4.9d8: SizeOfImage: 0x249000 (2396160)
52	9d4.9d8: Resource Dir: 0x22a000 LB 0x548
53	9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54	9d4.9d8: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55	9d4.9d8: ProductName: Microsoft® Windows® Operating System
56	9d4.9d8: ProductVersion: 10.0.15063.0
57	9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
58	9d4.9d8: FileDescription: Windows NT BASE API Client DLL
59	9d4.9d8: \SystemRoot\System32\apisetschema.dll:
60	9d4.9d8: CreationTime: 2017-03-18T20:57:35.373527900Z
61	9d4.9d8: LastWriteTime: 2017-03-18T20:57:35.373527900Z
62	9d4.9d8: ChangeTime: 2018-04-04T04:47:21.446473600Z
63	9d4.9d8: FileAttributes: 0x20
64	9d4.9d8: Size: 0x1ada0
65	9d4.9d8: NT Headers: 0xc0
66	9d4.9d8: Timestamp: 0x76544b2
67	9d4.9d8: Machine: 0x8664 - amd64
68	9d4.9d8: Timestamp: 0x76544b2
69	9d4.9d8: Image Version: 10.0
70	9d4.9d8: SizeOfImage: 0x1b000 (110592)
71	9d4.9d8: Resource Dir: 0x1a000 LB 0x408
72	9d4.9d8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73	9d4.9d8: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74	9d4.9d8: ProductName: Microsoft® Windows® Operating System
75	9d4.9d8: ProductVersion: 10.0.15063.0
76	9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
77	9d4.9d8: FileDescription: ApiSet Schema DLL
78	9d4.9d8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
79	9d4.9d8: supR3HardenedWinFindAdversaries: 0x3
80	9d4.9d8: \SystemRoot\System32\drivers\SysPlant.sys:
81	9d4.9d8: CreationTime: 2017-11-29T08:50:43.541005400Z
82	9d4.9d8: LastWriteTime: 2018-03-15T12:16:02.622294500Z
83	9d4.9d8: ChangeTime: 2018-04-03T15:55:01.504909500Z
84	9d4.9d8: FileAttributes: 0x20
85	9d4.9d8: Size: 0x30548
86	9d4.9d8: NT Headers: 0xf0
87	9d4.9d8: Timestamp: 0x5a1adc8a
88	9d4.9d8: Machine: 0x8664 - amd64
89	9d4.9d8: Timestamp: 0x5a1adc8a
90	9d4.9d8: Image Version: 5.0
91	9d4.9d8: SizeOfImage: 0x31000 (200704)
92	9d4.9d8: Resource Dir: 0x2f000 LB 0x49c
93	9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
94	9d4.9d8: [Raw version resource data: 0x2f0b8 LB 0x3e4, codepage 0x4e4 (reserved 0x0)]
95	9d4.9d8: ProductName: Symantec CMC Firewall
96	9d4.9d8: ProductVersion: 14.0.3856.1100
97	9d4.9d8: FileVersion: 14.0.3856.1100
98	9d4.9d8: FileDescription: Symantec CMC Firewall SysPlant
99	9d4.9d8: \SystemRoot\System32\sysfer.dll:
100	9d4.9d8: CreationTime: 2017-11-29T08:50:43.395898800Z
101	9d4.9d8: LastWriteTime: 2018-03-15T12:16:02.606653000Z
102	9d4.9d8: ChangeTime: 2018-04-03T16:21:27.407406100Z
103	9d4.9d8: FileAttributes: 0x20
104	9d4.9d8: Size: 0x7cee8
105	9d4.9d8: NT Headers: 0xf8
106	9d4.9d8: Timestamp: 0x5a1adc96
107	9d4.9d8: Machine: 0x8664 - amd64
108	9d4.9d8: Timestamp: 0x5a1adc96
109	9d4.9d8: Image Version: 0.0
110	9d4.9d8: SizeOfImage: 0x95000 (610304)
111	9d4.9d8: Resource Dir: 0x91000 LB 0x490
112	9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
113	9d4.9d8: [Raw version resource data: 0x910b8 LB 0x3d8, codepage 0x4e4 (reserved 0x0)]
114	9d4.9d8: ProductName: Symantec CMC Firewall
115	9d4.9d8: ProductVersion: 14.0.3856.1100
116	9d4.9d8: FileVersion: 14.0.3856.1100
117	9d4.9d8: FileDescription: Symantec CMC Firewall sysfer
118	9d4.9d8: \SystemRoot\System32\drivers\symevent64x86.sys:
119	9d4.9d8: CreationTime: 2017-11-29T08:53:05.303638500Z
120	9d4.9d8: LastWriteTime: 2017-11-29T08:53:04.933809100Z
121	9d4.9d8: ChangeTime: 2018-04-03T15:55:01.504909500Z
122	9d4.9d8: FileAttributes: 0x20
123	9d4.9d8: Size: 0x190d0
124	9d4.9d8: NT Headers: 0xe0
125	9d4.9d8: Timestamp: 0x584f629e
126	9d4.9d8: Machine: 0x8664 - amd64
127	9d4.9d8: Timestamp: 0x584f629e
128	9d4.9d8: Image Version: 6.2
129	9d4.9d8: SizeOfImage: 0x23000 (143360)
130	9d4.9d8: Resource Dir: 0x21000 LB 0x3c8
131	9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
132	9d4.9d8: [Raw version resource data: 0x210b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
133	9d4.9d8: ProductName: SYMEVENT
134	9d4.9d8: ProductVersion: 14.0.4.16
135	9d4.9d8: FileVersion: 14.0.4.16
136	9d4.9d8: FileDescription: Symantec Event Library
137	9d4.9d8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
138	9d4.9d8: Calling main()
139	9d4.9d8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
140	9d4.9d8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
141	9d4.9d8: SUPR3HardenedMain: Respawn #1
142	9d4.9d8: System32: \Device\HarddiskVolume1\Windows\System32
143	9d4.9d8: WinSxS: \Device\HarddiskVolume1\Windows\WinSxS
144	9d4.9d8: KnownDllPath: C:\WINDOWS\System32
145	9d4.9d8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
146	9d4.9d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
147	9d4.9d8: supR3HardNtEnableThreadCreation:
148	9d4.9d8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9068d9ad0 pvNtTerminateThread=00007ff906905e00
149	9d4.9d8: supR3HardenedWinDoReSpawn(1): New child 293c.2ac4 [kernel32].
150	9d4.9d8: supR3HardNtChildGatherData: PebBaseAddress=000000000086c000 cbPeb=0x388
151	9d4.9d8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff906860000 uNtDllChildAddr=00007ff906860000
152	9d4.9d8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff9068d9ad0
153	9d4.9d8: supR3HardenedWinSetupChildInit: Start child.
154	9d4.9d8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
155	9d4.9d8: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 33 sleeps
156	9d4.9d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
157	9d4.9d8: *0000000000000000-000000000076ffff 0x0001/0x0000 0x0000000
158	9d4.9d8: *0000000000770000-000000000078ffff 0x0004/0x0004 0x0020000
159	9d4.9d8: *0000000000790000-00000000007a7fff 0x0002/0x0002 0x0040000
160	9d4.9d8: 00000000007a8000-00000000007affff 0x0001/0x0000 0x0000000
161	9d4.9d8: *00000000007b0000-00000000007b3fff 0x0002/0x0002 0x0040000
162	9d4.9d8: 00000000007b4000-00000000007bffff 0x0001/0x0000 0x0000000
163	9d4.9d8: *00000000007c0000-00000000007c0fff 0x0004/0x0004 0x0020000
164	9d4.9d8: 00000000007c1000-00000000007fffff 0x0001/0x0000 0x0000000
165	9d4.9d8: *0000000000800000-000000000086bfff 0x0000/0x0004 0x0020000
166	9d4.9d8: 000000000086c000-000000000086efff 0x0004/0x0004 0x0020000
167	9d4.9d8: 000000000086f000-00000000009fffff 0x0000/0x0004 0x0020000
168	9d4.9d8: *0000000000a00000-0000000000afafff 0x0000/0x0004 0x0020000
169	9d4.9d8: 0000000000afb000-0000000000afdfff 0x0104/0x0004 0x0020000
170	9d4.9d8: 0000000000afe000-0000000000afffff 0x0004/0x0004 0x0020000
171	9d4.9d8: 0000000000b00000-000000007ffdffff 0x0001/0x0000 0x0000000
172	9d4.9d8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
173	9d4.9d8: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
174	9d4.9d8: 000000007fff0000-00007ff7bbf3ffff 0x0001/0x0000 0x0000000
175	9d4.9d8: *00007ff7bbf40000-00007ff7bbf62fff 0x0002/0x0002 0x0040000
176	9d4.9d8: 00007ff7bbf63000-00007ff7bc9effff 0x0001/0x0000 0x0000000
177	9d4.9d8: *00007ff7bc9f0000-00007ff7bc9f0fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
178	9d4.9d8: 00007ff7bc9f1000-00007ff7bca61fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
179	9d4.9d8: 00007ff7bca62000-00007ff7bca62fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
180	9d4.9d8: 00007ff7bca63000-00007ff7bcaa8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
181	9d4.9d8: 00007ff7bcaa9000-00007ff7bcaa9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
182	9d4.9d8: 00007ff7bcaaa000-00007ff7bcaaafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
183	9d4.9d8: 00007ff7bcaab000-00007ff7bcaaffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
184	9d4.9d8: 00007ff7bcab0000-00007ff7bcab0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
185	9d4.9d8: 00007ff7bcab1000-00007ff7bcab1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
186	9d4.9d8: 00007ff7bcab2000-00007ff7bcab5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
187	9d4.9d8: 00007ff7bcab6000-00007ff7bcafdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
188	9d4.9d8: 00007ff7bcafe000-00007ff7bcafffff 0x0001/0x0000 0x0000000
189	9d4.9d8: *00007ff7bcb00000-00007ff7bcb00fff 0x0004/0x0004 0x0020000
190	9d4.9d8: 00007ff7bcb01000-00007ff90685ffff 0x0001/0x0000 0x0000000
191	9d4.9d8: *00007ff906860000-00007ff906860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
192	9d4.9d8: 00007ff906861000-00007ff90696ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
193	9d4.9d8: 00007ff906970000-00007ff9069b4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
194	9d4.9d8: 00007ff9069b5000-00007ff9069bcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
195	9d4.9d8: 00007ff9069bd000-00007ff9069cafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
196	9d4.9d8: 00007ff9069cb000-00007ff9069cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
197	9d4.9d8: 00007ff9069cc000-00007ff9069cefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
198	9d4.9d8: 00007ff9069cf000-00007ff906a3afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
199	9d4.9d8: 00007ff906a3b000-00007ffffffdffff 0x0001/0x0000 0x0000000
200	9d4.9d8: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
201	9d4.9d8: VirtualBox.exe: timestamp 0x5a942b95 (rc=VINF_SUCCESS)
202	9d4.9d8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
203	9d4.9d8: VirtualBox.exe: Differences in section #0 (headers) between file and memory:
204	9d4.9d8: 00007ff7bc9f0162 / 0x0000162: 00 != 11
205	9d4.9d8: 00007ff7bc9f0164 / 0x0000164: 00 != 14
206	9d4.9d8: Restored 0x400 bytes of original file content at 00007ff7bc9f0000
207	9d4.9d8: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
208	9d4.9d8: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x3
209	9d4.9d8: supR3HardNtChildPurify: Startup delay kludge #1/1: 515 ms, 32 sleeps
210	9d4.9d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
211	9d4.9d8: *0000000000000000-000000000076ffff 0x0001/0x0000 0x0000000
212	9d4.9d8: *0000000000770000-000000000078ffff 0x0004/0x0004 0x0020000
213	9d4.9d8: *0000000000790000-00000000007a7fff 0x0002/0x0002 0x0040000
214	9d4.9d8: 00000000007a8000-00000000007affff 0x0001/0x0000 0x0000000
215	9d4.9d8: *00000000007b0000-00000000007b3fff 0x0002/0x0002 0x0040000
216	9d4.9d8: 00000000007b4000-00000000007bffff 0x0001/0x0000 0x0000000
217	9d4.9d8: *00000000007c0000-00000000007c0fff 0x0004/0x0004 0x0020000
218	9d4.9d8: 00000000007c1000-00000000007fffff 0x0001/0x0000 0x0000000
219	9d4.9d8: *0000000000800000-000000000086bfff 0x0000/0x0004 0x0020000
220	9d4.9d8: 000000000086c000-000000000086efff 0x0004/0x0004 0x0020000
221	9d4.9d8: 000000000086f000-00000000009fffff 0x0000/0x0004 0x0020000
222	9d4.9d8: *0000000000a00000-0000000000afafff 0x0000/0x0004 0x0020000
223	9d4.9d8: 0000000000afb000-0000000000afdfff 0x0104/0x0004 0x0020000
224	9d4.9d8: 0000000000afe000-0000000000afffff 0x0004/0x0004 0x0020000
225	9d4.9d8: 0000000000b00000-000000007ffdffff 0x0001/0x0000 0x0000000
226	9d4.9d8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
227	9d4.9d8: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
228	9d4.9d8: 000000007fff0000-00007ff7bbf3ffff 0x0001/0x0000 0x0000000
229	9d4.9d8: *00007ff7bbf40000-00007ff7bbf62fff 0x0002/0x0002 0x0040000
230	9d4.9d8: 00007ff7bbf63000-00007ff7bc9effff 0x0001/0x0000 0x0000000
231	9d4.9d8: *00007ff7bc9f0000-00007ff7bc9f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
232	9d4.9d8: 00007ff7bc9f1000-00007ff7bca61fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
233	9d4.9d8: 00007ff7bca62000-00007ff7bca62fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
234	9d4.9d8: 00007ff7bca63000-00007ff7bcaa8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
235	9d4.9d8: 00007ff7bcaa9000-00007ff7bcab5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
236	9d4.9d8: 00007ff7bcab6000-00007ff7bcafdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
237	9d4.9d8: 00007ff7bcafe000-00007ff7bcafffff 0x0001/0x0000 0x0000000
238	9d4.9d8: *00007ff7bcb00000-00007ff7bcb00fff 0x0004/0x0004 0x0020000
239	9d4.9d8: 00007ff7bcb01000-00007ff90685ffff 0x0001/0x0000 0x0000000
240	9d4.9d8: *00007ff906860000-00007ff906860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
241	9d4.9d8: 00007ff906861000-00007ff90696ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
242	9d4.9d8: 00007ff906970000-00007ff9069b4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
243	9d4.9d8: 00007ff9069b5000-00007ff9069b8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
244	9d4.9d8: 00007ff9069b9000-00007ff9069bcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
245	9d4.9d8: 00007ff9069bd000-00007ff9069cafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
246	9d4.9d8: 00007ff9069cb000-00007ff9069cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
247	9d4.9d8: 00007ff9069cc000-00007ff9069cefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
248	9d4.9d8: 00007ff9069cf000-00007ff906a3afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
249	9d4.9d8: 00007ff906a3b000-00007ffffffdffff 0x0001/0x0000 0x0000000
250	9d4.9d8: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
251	9d4.9d8: supR3HardNtChildPurify: Done after 1093 ms and 1 fixes (loop #1).
252	9d4.9d8: supR3HardNtEnableThreadCreation:
253	293c.2ac4: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03ad700
254	293c.2ac4: supR3HardenedVmProcessInit: uNtDllAddr=00007ff906860000 g_uNtVerCombined=0xa03ad700
255	293c.2ac4: ntdll.dll: timestamp 0xb79b6ddb (rc=VINF_SUCCESS)
256	293c.2ac4: New simple heap: #1 0000000000c00000 LB 0x400000 (for 1945600 allocation)
257	293c.2ac4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
258	293c.2ac4: System32: \Device\HarddiskVolume1\Windows\System32
259	293c.2ac4: WinSxS: \Device\HarddiskVolume1\Windows\WinSxS
260	293c.2ac4: KnownDllPath: C:\WINDOWS\System32
261	293c.2ac4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
262	293c.2ac4: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
263	293c.2ac4: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
264	293c.2ac4: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
265	293c.2ac4: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
266
267	Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
268	9d4.9d8: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
269
270	Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
271	9d4.9d8: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
272	9d4.9d8: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
273
274	Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.

Download in other formats:

Original Format