Skip to content

Instantly share code, notes, and snippets.

@Explorare
Created December 11, 2015 08:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Explorare/d23af447717b98393a8c to your computer and use it in GitHub Desktop.
Save Explorare/d23af447717b98393a8c to your computer and use it in GitHub Desktop.
15a4.1720: Log file opened: 5.0.10r104061 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
15a4.1720: \SystemRoot\System32\ntdll.dll:
15a4.1720: CreationTime: 2015-12-09T00:43:29.217314000Z
15a4.1720: LastWriteTime: 2015-11-22T06:59:22.233081300Z
15a4.1720: ChangeTime: 2015-12-09T08:02:02.785851200Z
15a4.1720: FileAttributes: 0x20
15a4.1720: Size: 0x1a7958
15a4.1720: NT Headers: 0xd8
15a4.1720: Timestamp: 0x5650b9bb
15a4.1720: Machine: 0x8664 - amd64
15a4.1720: Timestamp: 0x5650b9bb
15a4.1720: Image Version: 6.3
15a4.1720: SizeOfImage: 0x1ac000 (1753088)
15a4.1720: Resource Dir: 0x148000 LB 0x62450
15a4.1720: ProductName: Microsoft® Windows® Operating System
15a4.1720: ProductVersion: 6.3.9600.18146
15a4.1720: FileVersion: 6.3.9600.18146 (winblue_ltsb.151121-0600)
15a4.1720: FileDescription: NT Layer DLL
15a4.1720: \SystemRoot\System32\kernel32.dll:
15a4.1720: CreationTime: 2014-11-21T04:54:29.428345900Z
15a4.1720: LastWriteTime: 2014-11-21T04:54:29.443970800Z
15a4.1720: ChangeTime: 2015-11-29T07:38:25.702293200Z
15a4.1720: FileAttributes: 0x20
15a4.1720: Size: 0x13fc30
15a4.1720: NT Headers: 0xf8
15a4.1720: Timestamp: 0x545054ca
15a4.1720: Machine: 0x8664 - amd64
15a4.1720: Timestamp: 0x545054ca
15a4.1720: Image Version: 6.3
15a4.1720: SizeOfImage: 0x13e000 (1302528)
15a4.1720: Resource Dir: 0x12e000 LB 0x518
15a4.1720: ProductName: Microsoft® Windows® Operating System
15a4.1720: ProductVersion: 6.3.9600.17415
15a4.1720: FileVersion: 6.3.9600.17415 (winblue_r4.141028-1500)
15a4.1720: FileDescription: Windows NT BASE API Client DLL
15a4.1720: \SystemRoot\System32\KernelBase.dll:
15a4.1720: CreationTime: 2015-10-18T00:27:07.158240600Z
15a4.1720: LastWriteTime: 2015-08-07T21:40:29.476583000Z
15a4.1720: ChangeTime: 2015-11-29T07:40:42.590553700Z
15a4.1720: FileAttributes: 0x20
15a4.1720: Size: 0x1150a0
15a4.1720: NT Headers: 0xf0
15a4.1720: Timestamp: 0x55c4c341
15a4.1720: Machine: 0x8664 - amd64
15a4.1720: Timestamp: 0x55c4c341
15a4.1720: Image Version: 6.3
15a4.1720: SizeOfImage: 0x115000 (1134592)
15a4.1720: Resource Dir: 0x110000 LB 0x3530
15a4.1720: ProductName: Microsoft® Windows® Operating System
15a4.1720: ProductVersion: 6.3.9600.18007
15a4.1720: FileVersion: 6.3.9600.18007 (winblue_ltsb.150807-0612)
15a4.1720: FileDescription: Windows NT BASE API Client DLL
15a4.1720: \SystemRoot\System32\apisetschema.dll:
15a4.1720: CreationTime: 2013-08-22T12:13:09.745625900Z
15a4.1720: LastWriteTime: 2013-08-22T12:35:12.091034400Z
15a4.1720: ChangeTime: 2015-02-28T15:00:50.160174800Z
15a4.1720: FileAttributes: 0x20
15a4.1720: Size: 0x11360
15a4.1720: NT Headers: 0xd0
15a4.1720: Timestamp: 0x52160049
15a4.1720: Machine: 0x8664 - amd64
15a4.1720: Timestamp: 0x52160049
15a4.1720: Image Version: 6.3
15a4.1720: SizeOfImage: 0x13000 (77824)
15a4.1720: Resource Dir: 0x11000 LB 0x3f8
15a4.1720: ProductName: Microsoft® Windows® Operating System
15a4.1720: ProductVersion: 6.3.9600.16384
15a4.1720: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
15a4.1720: FileDescription: ApiSet Schema DLL
15a4.1720: NtOpenDirectoryObject failed on \Driver: 0xc0000022
15a4.1720: supR3HardenedWinFindAdversaries: 0x400
15a4.1720: \SystemRoot\System32\drivers\MpFilter.sys:
15a4.1720: CreationTime: 2015-03-04T11:34:52.000000000Z
15a4.1720: LastWriteTime: 2015-03-04T11:34:52.000000000Z
15a4.1720: ChangeTime: 2015-05-13T05:26:35.321737200Z
15a4.1720: FileAttributes: 0x20
15a4.1720: Size: 0x44738
15a4.1720: NT Headers: 0xf0
15a4.1720: Timestamp: 0x54efb880
15a4.1720: Machine: 0x8664 - amd64
15a4.1720: Timestamp: 0x54efb880
15a4.1720: Image Version: 6.3
15a4.1720: SizeOfImage: 0x44000 (278528)
15a4.1720: Resource Dir: 0x42000 LB 0xd50
15a4.1720: ProductName: Microsoft Malware Protection
15a4.1720: ProductVersion: 4.8.0200.0
15a4.1720: FileVersion: 4.8.0200.0
15a4.1720: FileDescription: Microsoft antimalware file system filter driver
15a4.1720: \SystemRoot\System32\drivers\NisDrvWFP.sys:
15a4.1720: CreationTime: 2015-03-04T11:34:52.000000000Z
15a4.1720: LastWriteTime: 2015-03-04T11:34:52.000000000Z
15a4.1720: ChangeTime: 2015-05-13T05:26:35.181105100Z
15a4.1720: FileAttributes: 0x20
15a4.1720: Size: 0x1e698
15a4.1720: NT Headers: 0xf0
15a4.1720: Timestamp: 0x54efb8af
15a4.1720: Machine: 0x8664 - amd64
15a4.1720: Timestamp: 0x54efb8af
15a4.1720: Image Version: 6.3
15a4.1720: SizeOfImage: 0x1f000 (126976)
15a4.1720: Resource Dir: 0x1c000 LB 0x1b90
15a4.1720: ProductName: Microsoft Malware Protection
15a4.1720: ProductVersion: 4.8.0200.0
15a4.1720: FileVersion: 4.8.0200.0
15a4.1720: FileDescription: Microsoft Network Realtime Inspection Driver
15a4.1720: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
15a4.1720: Calling main()
15a4.1720: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
15a4.1720: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
15a4.1720: SUPR3HardenedMain: Respawn #1
15a4.1720: System32: \Device\HarddiskVolume2\Windows\System32
15a4.1720: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
15a4.1720: KnownDllPath: C:\Windows\system32
15a4.1720: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
15a4.1720: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
15a4.1720: supR3HardNtEnableThreadCreation:
15a4.1720: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff53d68bf0 pvNtTerminateThread=00007fff53de1350
15a4.1720: supR3HardenedWinDoReSpawn(1): New child 23c8.12f8 [kernel32].
15a4.1720: supR3HardNtChildGatherData: PebBaseAddress=00007ff6d18d4000 cbPeb=0x388
15a4.1720: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fff53d50000 uNtDllChildAddr=00007fff53d50000
15a4.1720: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fff53d68bf0
15a4.1720: supR3HardenedWinSetupChildInit: Start child.
15a4.1720: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
15a4.1720: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 59 sleeps
15a4.1720: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
15a4.1720: *0000000000000000-ffffffffff89ffff 0x0001/0x0000 0x0000000
15a4.1720: *0000000000760000-000000000073ffff 0x0004/0x0004 0x0020000
15a4.1720: *0000000000780000-0000000000770fff 0x0002/0x0002 0x0040000
15a4.1720: 000000000078f000-000000000078dfff 0x0001/0x0000 0x0000000
15a4.1720: *0000000000790000-0000000000693fff 0x0000/0x0004 0x0020000
15a4.1720: 000000000088c000-0000000000888fff 0x0104/0x0004 0x0020000
15a4.1720: 000000000088f000-000000000088dfff 0x0004/0x0004 0x0020000
15a4.1720: *0000000000890000-000000000088bfff 0x0002/0x0002 0x0040000
15a4.1720: 0000000000894000-0000000000887fff 0x0001/0x0000 0x0000000
15a4.1720: *00000000008a0000-000000000089dfff 0x0004/0x0004 0x0020000
15a4.1720: 00000000008a2000-0000000000893fff 0x0001/0x0000 0x0000000
15a4.1720: *00000000008b0000-00000000008aefff 0x0040/0x0040 0x0020000 !!
15a4.1720: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00000000008b0000 (LB 0x1000, 00000000008b0000 LB 0x1000)
15a4.1720: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [00000000008b0000/00000000008b0000 LB 0/0x1000]
15a4.1720: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/00000000008b0000 LB 0x7f730000 s=0x10000 ap=0x0 rp=0x00000000000001
15a4.1720: 00000000008b1000-ffffffff81181fff 0x0001/0x0000 0x0000000
15a4.1720: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
15a4.1720: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
15a4.1720: 000000007fff0000-ffff800a2e73ffff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d18a0000-00007ff6d186cfff 0x0002/0x0002 0x0040000
15a4.1720: 00007ff6d18d3000-00007ff6d18d1fff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d18d4000-00007ff6d18d2fff 0x0004/0x0004 0x0020000
15a4.1720: 00007ff6d18d5000-00007ff6d18cbfff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d18de000-00007ff6d18dbfff 0x0004/0x0004 0x0020000
15a4.1720: 00007ff6d18e0000-00007ff6d103ffff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d2180000-00007ff6d2180fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2181000-00007ff6d2207fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2208000-00007ff6d2208fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2209000-00007ff6d2253fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2254000-00007ff6d2254fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2255000-00007ff6d2255fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2256000-00007ff6d225afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d225b000-00007ff6d225bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d225c000-00007ff6d225cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d225d000-00007ff6d2260fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2261000-00007ff6d22abfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d22ac000-00007fee50807fff 0x0001/0x0000 0x0000000
15a4.1720: *00007fff53d50000-00007fff53d50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53d51000-00007fff53e7cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e7d000-00007fff53e82fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e83000-00007fff53e8ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e90000-00007fff53e90fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e91000-00007fff53e93fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e94000-00007fff53e94fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e95000-00007fff53efbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53efc000-00007ffea7e17fff 0x0001/0x0000 0x0000000
15a4.1720: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
15a4.1720: VirtualBox.exe: timestamp 0x564221d3 (rc=VINF_SUCCESS)
15a4.1720: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
15a4.1720: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
15a4.1720: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x400
15a4.1720: supR3HardNtChildPurify: Startup delay kludge #1/1: 515 ms, 59 sleeps
15a4.1720: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
15a4.1720: *0000000000000000-ffffffffff89ffff 0x0001/0x0000 0x0000000
15a4.1720: *0000000000760000-000000000073ffff 0x0004/0x0004 0x0020000
15a4.1720: *0000000000780000-0000000000770fff 0x0002/0x0002 0x0040000
15a4.1720: 000000000078f000-000000000078dfff 0x0001/0x0000 0x0000000
15a4.1720: *0000000000790000-0000000000693fff 0x0000/0x0004 0x0020000
15a4.1720: 000000000088c000-0000000000888fff 0x0104/0x0004 0x0020000
15a4.1720: 000000000088f000-000000000088dfff 0x0004/0x0004 0x0020000
15a4.1720: *0000000000890000-000000000088bfff 0x0002/0x0002 0x0040000
15a4.1720: 0000000000894000-0000000000887fff 0x0001/0x0000 0x0000000
15a4.1720: *00000000008a0000-000000000089dfff 0x0004/0x0004 0x0020000
15a4.1720: 00000000008a2000-ffffffff81163fff 0x0001/0x0000 0x0000000
15a4.1720: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
15a4.1720: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
15a4.1720: 000000007fff0000-ffff800a2e73ffff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d18a0000-00007ff6d186cfff 0x0002/0x0002 0x0040000
15a4.1720: 00007ff6d18d3000-00007ff6d18d1fff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d18d4000-00007ff6d18d2fff 0x0004/0x0004 0x0020000
15a4.1720: 00007ff6d18d5000-00007ff6d18cbfff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d18de000-00007ff6d18dbfff 0x0004/0x0004 0x0020000
15a4.1720: 00007ff6d18e0000-00007ff6d103ffff 0x0001/0x0000 0x0000000
15a4.1720: *00007ff6d2180000-00007ff6d2180fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2181000-00007ff6d2207fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2208000-00007ff6d2208fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2209000-00007ff6d2253fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2254000-00007ff6d2260fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d2261000-00007ff6d22abfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: 00007ff6d22ac000-00007fee50807fff 0x0001/0x0000 0x0000000
15a4.1720: *00007fff53d50000-00007fff53d50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53d51000-00007fff53e7cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e7d000-00007fff53e82fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e83000-00007fff53e8ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e90000-00007fff53e93fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e94000-00007fff53e94fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53e95000-00007fff53efbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
15a4.1720: 00007fff53efc000-00007ffea7e17fff 0x0001/0x0000 0x0000000
15a4.1720: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
15a4.1720: supR3HardNtChildPurify: Done after 1062 ms and 1 fixes (loop #1).
15a4.1720: supR3HardNtEnableThreadCreation:
23c8.12f8: Log file opened: 5.0.10r104061 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
23c8.12f8: supR3HardenedVmProcessInit: uNtDllAddr=00007fff53d50000
23c8.12f8: ntdll.dll: timestamp 0x5650b9bb (rc=VINF_SUCCESS)
23c8.12f8: New simple heap: #1 00000000009b0000 LB 0x400000 (for 1753088 allocation)
23c8.12f8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
23c8.12f8: System32: \Device\HarddiskVolume2\Windows\System32
23c8.12f8: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
23c8.12f8: KnownDllPath: C:\Windows\system32
23c8.12f8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
23c8.12f8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
23c8.12f8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
23c8.12f8: Registered Dll notification callback with NTDLL.
23c8.12f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
23c8.12f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
23c8.12f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
23c8.12f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
23c8.12f8: supR3HardenedDllNotificationCallback: load 00007fff50f70000 LB 0x00115000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
23c8.12f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
23c8.12f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
23c8.12f8: supR3HardenedDllNotificationCallback: load 00007fff532e0000 LB 0x0013e000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
23c8.12f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
23c8.12f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff532e0000 'C:\Windows\system32\KERNEL32.DLL'
23c8.12f8: supR3HardenedDllNotificationCallback: load 00007ff6d2180000 LB 0x0012c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
23c8.12f8: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
23c8.12f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
23c8.12f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
15a4.1720: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 75 ms, CloseEvents);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment