|
|
EDA365欢迎您登录!
您需要 登录 才可以下载或查看,没有帐号?注册
x
- X! {& L3 ^( W" [
报错提示如下
3 t# z' N( q$ J/ w6 r1 D
, d) p5 [1 p1 U. t& n
2 ~8 x. P5 E1 ~, b: Y0 m, {; S* r: VVBoxHardening.log日志如下:
/ P- ]% m+ X" X1 h; a. k3 z7 S! J9 y* @8 Y) i, e) m6 l, N, M2 H; m
27fc.33b0: Log file opened: 6.1.12r139181 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047ba00
. j9 c+ j4 J0 W( {9 C6 C27fc.33b0: \SystemRoot\System32\ntdll.dll:
2 E, ~4 {/ h: l! M4 L& ~27fc.33b0: CreationTime: 2020-05-13T04:08:01.305832200Z, @7 L. z& z( j: X" A
27fc.33b0: LastWriteTime: 2020-05-13T04:08:01.364711200Z* e8 ~. q; D6 f% s3 L9 ?2 k
27fc.33b0: ChangeTime: 2020-08-12T03:51:05.663111000Z3 k# F' d- Z) r z) O7 D
27fc.33b0: FileAttributes: 0x20* ~; j& v7 B, e! ~. k! _
27fc.33b0: Size: 0x1e84608 r( ?$ E; I# r+ B+ ~5 ?
27fc.33b0: NT Headers: 0xd82 _# a0 L7 w0 S5 h" Q
27fc.33b0: Timestamp: 0xb29ecf52
" s, o$ Z+ Q) m5 c% L6 j5 H27fc.33b0: Machine: 0x8664 - amd64
- t' f+ j. b( j: L27fc.33b0: Timestamp: 0xb29ecf52: {: H& B; x% y2 r
27fc.33b0: Image Version: 10.0
, D5 l; d# Y0 x7 r. B27fc.33b0: SizeOfImage: 0x1f0000 (2031616)
; Q! y5 D* v6 t% l+ C4 `27fc.33b0: Resource Dir: 0x17f000 LB 0x6f310
# Y% a2 u3 L7 s* S: L27fc.33b0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4 f' |) }. g3 M, C1 t T27fc.33b0: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1 S5 T% d5 G$ f0 J7 X9 q4 N; t, m27fc.33b0: ProductName: Microsoft® Windows® Operating System/ b, n$ ]7 P; N
27fc.33b0: ProductVersion: 10.0.18362.8152 G5 E2 M4 `! E5 l
27fc.33b0: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)% A4 E9 ?3 |5 k' @- e2 w; Y
27fc.33b0: FileDescription: NT Layer DLL# l" L2 ?3 j- v7 _" c7 [8 h
27fc.33b0: \SystemRoot\System32\kernel32.dll:( X H) H! b- u- \, o
27fc.33b0: CreationTime: 2020-07-15T02:37:51.154008500Z
/ p3 U3 [* r: \* L! P27fc.33b0: LastWriteTime: 2020-07-15T02:37:51.189919900Z, Z$ U( i) g- I D3 |
27fc.33b0: ChangeTime: 2020-08-12T03:51:05.332995100Z
9 j9 z5 Y: x" b, F+ B# A) M' I27fc.33b0: FileAttributes: 0x20
! }+ N$ e" y- _0 ]! b/ y" y27fc.33b0: Size: 0xb0498
9 Z3 @7 Y, T1 n27fc.33b0: NT Headers: 0xe8( A7 ]) G9 F% H, [# Y
27fc.33b0: Timestamp: 0xce6bbd736 @& J5 q9 D/ Z3 B! O2 F
27fc.33b0: Machine: 0x8664 - amd64
$ O I( ]1 t; g2 d4 c27fc.33b0: Timestamp: 0xce6bbd73
. ^2 w- r: t6 Q27fc.33b0: Image Version: 10.0' [- C8 u8 }. c7 T b3 W+ i
27fc.33b0: SizeOfImage: 0xb2000 (729088)
0 K% S+ J. h- ]1 h5 P8 u27fc.33b0: Resource Dir: 0xb0000 LB 0x520
% m. B/ e9 ~- o* p7 a27fc.33b0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
9 G& K3 N- V; F' j$ u% t27fc.33b0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]4 r5 p, d' _, U$ \0 {* ^* U
27fc.33b0: ProductName: Microsoft® Windows® Operating System
9 V9 i/ v! [4 E* l, m) {! c) C4 O27fc.33b0: ProductVersion: 10.0.18362.9597 d9 T/ s' S/ N" b" r! v
27fc.33b0: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
7 ~# j! z# A0 ?/ O O27fc.33b0: FileDescription: Windows NT BASE API Client DLL, n' w& F0 W3 d1 r1 V- U
27fc.33b0: \SystemRoot\System32\KernelBase.dll:
- b, p0 M. u# v# R7 f* Y27fc.33b0: CreationTime: 2020-08-12T03:50:16.150249100Z4 t6 k# `5 s3 c# }1 E
27fc.33b0: LastWriteTime: 2020-08-12T03:50:16.238020800Z9 p! K/ l9 _4 M( o& F% s
27fc.33b0: ChangeTime: 2020-08-12T09:44:10.047506100Z
, u* b& R+ e0 f6 o; _$ V _' A27fc.33b0: FileAttributes: 0x20
( h. h& w8 G' W+ u m! q1 W4 [27fc.33b0: Size: 0x2a38688 C( r7 T" n: M, t( n# \8 e
27fc.33b0: NT Headers: 0xf8# r$ s/ ?# O- T, h" z3 I4 C& R" c
27fc.33b0: Timestamp: 0x91b9349a
. n4 q" q% m2 p2 b( Q+ B2 t# Q/ }27fc.33b0: Machine: 0x8664 - amd64/ p9 m6 N# z# ~) v+ U6 O+ `- i5 f
27fc.33b0: Timestamp: 0x91b9349a
, {. v9 \# @. ?; `& N8 A9 q27fc.33b0: Image Version: 10.0 k* X( q! M" f6 R4 I
27fc.33b0: SizeOfImage: 0x2a4000 (2768896)
0 L; T3 O b" T5 v+ n8 n27fc.33b0: Resource Dir: 0x27e000 LB 0x5487 y$ a0 u, v' d5 z N
27fc.33b0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
9 e* X) p9 i1 V: u7 L27fc.33b0: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
% ]2 e1 I" i1 }1 u27fc.33b0: ProductName: Microsoft® Windows® Operating System
5 K; F5 D) t9 v$ I# n7 x/ E, R27fc.33b0: ProductVersion: 10.0.18362.997
5 P) c1 J( D2 l. W A27fc.33b0: FileVersion: 10.0.18362.997 (WinBuild.160101.0800): @3 `! b% R4 c9 E1 G7 N+ d
27fc.33b0: FileDescription: Windows NT BASE API Client DLL0 v, O# d( g2 g9 D
27fc.33b0: \SystemRoot\System32\apisetschema.dll:
& _- K3 V. V/ ]$ i* V27fc.33b0: CreationTime: 2019-03-19T04:43:54.837151500Z e, u. D! X9 J2 ?+ X
27fc.33b0: LastWriteTime: 2019-03-19T04:43:54.837151500Z4 k( M; a$ w! g" u
27fc.33b0: ChangeTime: 2020-08-12T03:51:05.320029000Z
' a1 U3 U$ a w) Q4 ^8 a% C27fc.33b0: FileAttributes: 0x20
. D; ^/ d$ d! g+ x0 q! h4 _8 N7 Y% _27fc.33b0: Size: 0x1d028
# f; L- k* x. b( m: n( S9 L27fc.33b0: NT Headers: 0xc84 A) c- e, g4 P' T0 H
27fc.33b0: Timestamp: 0xd6ced0800 S; Y7 @0 ]& ^+ j; q
27fc.33b0: Machine: 0x8664 - amd64
' t5 x7 v4 C" @6 y! [# P27fc.33b0: Timestamp: 0xd6ced0803 Y8 C, f, E0 `! e7 z" [; l
27fc.33b0: Image Version: 10.04 @4 x$ r7 c/ f- l+ h9 |* A
27fc.33b0: SizeOfImage: 0x1e000 (122880)# ^! R7 I& z5 L& I9 E; R
27fc.33b0: Resource Dir: 0x1d000 LB 0x4085 x% F. f- z( E q# t% E* O
27fc.33b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
. @$ m0 v8 h) y8 n" d27fc.33b0: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
& ~5 f, i0 Z, J, o# `4 O2 b( v6 S27fc.33b0: ProductName: Microsoft® Windows® Operating System
! L6 S' O6 u1 v, p& v% J" q: g* i0 I27fc.33b0: ProductVersion: 10.0.18362.1
/ {1 F3 f" v) p* C- Z0 q. A: | _* Q1 E27fc.33b0: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
, z2 E$ H! Q U6 ]27fc.33b0: FileDescription: ApiSet Schema DLL
" D- j9 g! B8 X/ x% r27fc.33b0: NtOpenDirectoryObject failed on \Driver: 0xc0000022* f* T* W& S7 ?9 E0 F1 v( @
27fc.33b0: supR3HardenedWinFindAdversaries: 0x0; v6 o. ~5 W% s/ P4 x, Y5 g2 @
27fc.33b0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume6\virtualBox'/ M# F* m! W' g7 T$ j- m. A
27fc.33b0: Calling main()
, N. e, |9 }% ~8 K: }& h P$ V27fc.33b0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
9 }' |8 N6 k; r27fc.33b0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume6\virtualBox'
x3 z* n- B1 H7 u27fc.33b0: SUPR3HardenedMain: Respawn #1
0 o' c1 i! l( X$ a7 k& L27fc.33b0: System32: \Device\HarddiskVolume3\Windows\System32
/ }' B4 q2 Y3 L5 l4 j# B( B- \27fc.33b0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS8 L, k$ d& Q! i# z! i
27fc.33b0: KnownDllPath: C:\Windows\System32- O' h/ Q: S; n% q) H: R& Y
27fc.33b0: supR3HardenedWinInit: PeRForming a limited self purification...% R, t/ l. j, t
27fc.33b0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION5 \' X( J% x8 L0 d* g5 Z
27fc.33b0: *0000000000000000-0000000000acffff 0x0001/0x0000 0x0000000
6 ]5 r. V$ w$ r$ q6 N27fc.33b0: *0000000000ad0000-0000000000adffff 0x0004/0x0004 0x0040000
4 x4 e( {& R6 @4 Q9 v27fc.33b0: 0000000000ae0000-0000000000aeffff 0x0001/0x0000 0x0000000
. }* a* @0 @7 a$ U27fc.33b0: *0000000000af0000-0000000000b0afff 0x0002/0x0002 0x0040000
6 u$ ]' L& k( \27fc.33b0: 0000000000b0b000-0000000000b0ffff 0x0001/0x0000 0x0000000
6 c1 Q& X5 _8 P+ v4 j* F4 m27fc.33b0: *0000000000b10000-0000000000b13fff 0x0002/0x0002 0x0040000
/ g$ L1 b; x0 N9 k4 k/ y9 v27fc.33b0: 0000000000b14000-0000000000b1ffff 0x0001/0x0000 0x0000000. z1 E" K2 c. P8 c- ^& V
27fc.33b0: *0000000000b20000-0000000000b21fff 0x0004/0x0004 0x0020000: e- }& o" Z7 z" e" B/ Y6 F$ P7 ^, B
27fc.33b0: 0000000000b22000-0000000000b2ffff 0x0001/0x0000 0x0000000. H7 h2 N! H) X( A
27fc.33b0: *0000000000b30000-0000000000bf6fff 0x0002/0x0002 0x0040000
9 ]* ~5 N% C: ~% B) t. |. S27fc.33b0: 0000000000bf7000-0000000000bfffff 0x0001/0x0000 0x0000000
2 n. Q G8 C8 n0 R5 S. |1 U27fc.33b0: *0000000000c00000-0000000000d8efff 0x0000/0x0004 0x0020000! ]6 D+ Q* j* D1 g! x& ?7 g
27fc.33b0: 0000000000d8f000-0000000000d91fff 0x0004/0x0004 0x0020000
% u; ?+ {8 c; I0 e4 ^27fc.33b0: 0000000000d92000-0000000000dfffff 0x0000/0x0004 0x0020000
( W7 z2 D [) x2 u# U27fc.33b0: *0000000000e00000-0000000000eb8fff 0x0000/0x0004 0x00200009 l0 r# z6 g( ]6 r( p
27fc.33b0: 0000000000eb9000-0000000000ebbfff 0x0104/0x0004 0x0020000* }9 I/ s6 b0 Q0 e2 p+ T
27fc.33b0: 0000000000ebc000-0000000000efffff 0x0004/0x0004 0x0020000
8 g$ ]9 R9 K* i7 c4 J* G27fc.33b0: *0000000000f00000-0000000000f01fff 0x0004/0x0004 0x00200008 m7 ^" ~% x S
27fc.33b0: 0000000000f02000-0000000000f19fff 0x0000/0x0004 0x0020000
) `. ]% N8 O' p2 S2 n; q/ } I27fc.33b0: 0000000000f1a000-0000000000ffffff 0x0001/0x0000 0x0000000
; O+ E- v: B) g27fc.33b0: *0000000001000000-0000000001004fff 0x0004/0x0004 0x0020000, W( c+ {! a; ?5 M3 l1 e+ F
27fc.33b0: 0000000001005000-00000000010fffff 0x0000/0x0004 0x0020000- C' A4 j! w/ m: E9 r1 O% m6 M1 G5 ~
27fc.33b0: *0000000001100000-000000000111cfff 0x0004/0x0004 0x00200001 Y' k$ b+ N( z
27fc.33b0: 000000000111d000-00000000011fffff 0x0000/0x0004 0x00200000 [# I$ R! T/ [( @) x+ [$ m; {
27fc.33b0: 0000000001200000-00000000012effff 0x0001/0x0000 0x00000006 T+ M4 w' Z! q% m) L" T; h* m
27fc.33b0: *00000000012f0000-00000000012fefff 0x0004/0x0004 0x0020000
( I- y" z7 R- m; Z" a27fc.33b0: 00000000012ff000-00000000012fffff 0x0000/0x0004 0x0020000
* [% {# I+ n6 w R# P" E27fc.33b0: *0000000001300000-0000000001303fff 0x0000/0x0004 0x0020000
5 w; i# h( x& { ?8 T( w27fc.33b0: 0000000001304000-00000000014f4fff 0x0004/0x0004 0x0020000) q" `$ W6 `6 m
27fc.33b0: 00000000014f5000-00000000014f5fff 0x0000/0x0004 0x0020000
& p% a- ~5 T0 E5 i5 y27fc.33b0: 00000000014f6000-000000007ffdffff 0x0001/0x0000 0x0000000. J8 c6 Q% O8 j% g# i% k$ m
27fc.33b0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000, U% A# ~: i) q; V
27fc.33b0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
" D, N- f2 d- H27fc.33b0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000$ b3 T, g, D. U% l
27fc.33b0: 000000007fff0000-00007ff465c8ffff 0x0001/0x0000 0x00000002 S, c5 |4 p# Z3 o: ~6 q
27fc.33b0: *00007ff465c90000-00007ff465c94fff 0x0002/0x0002 0x0040000" ^9 f" f# N. ?' j
27fc.33b0: 00007ff465c95000-00007ff465d8ffff 0x0000/0x0002 0x0040000
0 z! F. h' f! {27fc.33b0: *00007ff465d90000-00007ff565daffff 0x0000/0x0004 0x0020000
8 g6 q" h3 U5 p G4 a27fc.33b0: *00007ff565db0000-00007ff567daffff 0x0000/0x0004 0x0020000
' M5 V5 |+ } F N4 T27fc.33b0: 00007ff567db0000-00007ff567db0fff 0x0004/0x0004 0x0020000. p' T0 N! R- c( o& c
27fc.33b0: 00007ff567db1000-00007ff567dbffff 0x0001/0x0000 0x0000000
; g2 ^+ L+ R/ d/ \! W27fc.33b0: *00007ff567dc0000-00007ff567dc0fff 0x0002/0x0002 0x0040000
" r: H$ R x( J27fc.33b0: 00007ff567dc1000-00007ff567dcffff 0x0001/0x0000 0x00000006 B, o& e6 w+ n/ i
27fc.33b0: *00007ff567dd0000-00007ff567e02fff 0x0002/0x0002 0x0040000
% h6 V+ K' r, Q2 ?9 m- a27fc.33b0: 00007ff567e03000-00007ff646a3ffff 0x0001/0x0000 0x00000007 B! j1 m" @! j+ u. h, `
27fc.33b0: *00007ff646a40000-00007ff646a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
# K; _3 i, f+ w/ \+ `27fc.33b0: 00007ff646a41000-00007ff646ab6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe! F5 Z; _8 R) Q3 y/ M/ w, ^
27fc.33b0: 00007ff646ab7000-00007ff646ab7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe( |1 m, P' r, C |; {; n
27fc.33b0: 00007ff646ab8000-00007ff646afffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe9 ~+ x+ [6 f8 J1 B
27fc.33b0: 00007ff646b00000-00007ff646b02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
; ]" r, }, Y0 `3 i+ ^27fc.33b0: 00007ff646b03000-00007ff646b05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe& g4 n; R2 ~* z& F8 ?' n7 I9 ?( |
27fc.33b0: 00007ff646b06000-00007ff646b08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
! l r3 ^' U- T2 d2 j' B27fc.33b0: 00007ff646b09000-00007ff646b09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe2 L! m4 @5 k& G w- S8 Q
27fc.33b0: 00007ff646b0a000-00007ff646b0bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe9 w+ |) Y6 S9 j' U6 B
27fc.33b0: 00007ff646b0c000-00007ff646b0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
5 T% o1 o# Y8 M, f, J27fc.33b0: 00007ff646b0d000-00007ff646b55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
' l _) K; E. }( ` V) U- F27fc.33b0: 00007ff646b56000-00007ff938fcffff 0x0001/0x0000 0x0000000
3 D" i* C! M$ |9 s9 a7 [* t27fc.33b0: *00007ff938fd0000-00007ff938fd0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll s# S1 Q! H5 X) B* r4 h: z* L+ F
27fc.33b0: 00007ff938fd1000-00007ff9390d5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll( I1 _1 g ~& p$ H Q+ j( ^, A
27fc.33b0: 00007ff9390d6000-00007ff939238fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
. V3 ]6 j4 s" ]27fc.33b0: 00007ff939239000-00007ff93923cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll H5 Y, _: M% R- \ i1 c) E! E
27fc.33b0: 00007ff93923d000-00007ff93923dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll/ j4 {! {; L. X/ \; m
27fc.33b0: 00007ff93923e000-00007ff939273fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll8 T5 m3 j0 V6 G# f) g
27fc.33b0: 00007ff939274000-00007ff93a98ffff 0x0001/0x0000 0x00000000 y/ S ^, ]( J+ `$ b" {
27fc.33b0: *00007ff93a990000-00007ff93a990fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
0 v1 p( S2 G" @$ g27fc.33b0: 00007ff93a991000-00007ff93aa05fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll2 x- @$ `9 k1 X
27fc.33b0: 00007ff93aa06000-00007ff93aa37fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
7 J+ l# U7 |: e* e/ S" Q/ v" M27fc.33b0: 00007ff93aa38000-00007ff93aa38fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
! j; i d% F' Y) V27fc.33b0: 00007ff93aa39000-00007ff93aa39fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll( N/ @' A1 v2 I4 ?4 m
27fc.33b0: 00007ff93aa3a000-00007ff93aa41fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
8 }* k; N& G4 D27fc.33b0: 00007ff93aa42000-00007ff93badffff 0x0001/0x0000 0x0000000
- O- O, ]# k- V# V R3 R27fc.33b0: *00007ff93bae0000-00007ff93bae0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
# I% g* C" q3 N27fc.33b0: 00007ff93bae1000-00007ff93bbf7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll, c8 q! _* |5 \' D- ^* X
27fc.33b0: 00007ff93bbf8000-00007ff93bc3efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
) r% }$ ?1 X5 [, `) W3 D* g27fc.33b0: 00007ff93bc3f000-00007ff93bc3ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
: T( T4 B9 R& z% m) D, H. X27fc.33b0: 00007ff93bc40000-00007ff93bc41fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll# T1 f5 g8 z# |3 a3 k8 m
27fc.33b0: 00007ff93bc42000-00007ff93bc4afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
6 I" W1 w; u$ K* m4 r( R; \27fc.33b0: 00007ff93bc4b000-00007ff93bccffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2 d6 s0 O# M3 c: j6 t: S27fc.33b0: 00007ff93bcd0000-00007ffffffeffff 0x0001/0x0000 0x00000000 f* w1 i: Q$ X+ I% x. E
27fc.33b0: kernel32.dll: timestamp 0xce6bbd73 (rc=VINF_SUCCESS)) e: t7 x7 U1 `! B8 I0 T0 e
27fc.33b0: kernelbase.dll: timestamp 0x91b9349a (rc=VINF_SUCCESS)5 m' c/ n4 j; H7 N# }5 A
27fc.33b0: VirtualBoxVM.exe: timestamp 0x5f08d7bc (rc=VINF_SUCCESS)
# U) s8 p2 a4 r" x27fc.33b0: '\Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe' has no imports0 L" T" l! B6 v1 W5 [) R( c+ b
27fc.33b0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
" y Y5 v( K9 ]/ d8 n' l" a; p' v27fc.33b0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0: t. h' l7 X* C" n+ P3 s* h" Y7 `
27fc.33b0: '\Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe' has no imports- C9 O4 M' Q! ~8 n/ ?% X. k5 r
27fc.33b0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe)( O2 g2 `5 O! J; j
27fc.33b0: supR3HardNtEnableThreadCreationEx:! t4 F S5 R( p1 E2 X$ U
27fc.33b0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff93bb51770 pvNtTerminateThread=00007ff93bb7cac0$ U* S( Z& F; w* J' D) o3 H
27fc.33b0: supR3HardenedWinDoReSpawn(1): New child 32b0.2564 [kernel32].- r3 @ s' B5 o
27fc.33b0: supR3HardNtChildGatherData: PebBaseAddress=0000000000b2e000 cbPeb=0x388; k w0 q" g6 n$ m6 y3 ~
27fc.33b0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff93bae0000 uNtDllChildAddr=00007ff93bae0000
. @; [4 o: r0 ]27fc.33b0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff93bb51770
?8 j+ J% L( Y% s& C( D27fc.33b0: supR3HardenedWinSetupChildInit: Initial context:, q7 T: j; s( ~! q" J
rax=0000000000000000 rbx=0000000000000000 rcx=00007ff646a47900 rdx=0000000000b2e000
6 C' h5 ^" p5 c: C) g2 `% G# x9 J Krsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
+ c* X0 H8 l$ `1 o# hr10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
3 [+ P! `" Y8 U9 ~/ J/ fr14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
+ p3 m7 n3 ~8 K8 [2 a7 Srip=00007ff93bb4ce30 rsp=000000000096fa68 rbp=0000000000000000 ctxflags=0010001b
+ ~( k" t# I( G* T6 vcs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
* X) I; K G% l2 F# B9 J: GP3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=00000000000000009 E6 [" l4 @, n2 I8 Z4 H
dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
7 } D. t7 U7 G1 c Hdr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
" ]6 X2 _8 V- C$ m& o( {' [lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000& l, }5 A2 t1 `' c- S2 `5 x- Q
27fc.33b0: supR3HardenedWinSetupChildInit: Start child.; x, J4 R+ @) u ^* F
27fc.33b0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
" S$ O- \3 |8 ^, ~( z6 {6 p; T27fc.33b0: supR3HardNtChildPurify: Startup delay kludge #1/0: 268 ms, 23 sleeps$ L8 a$ b1 ?) \
27fc.33b0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION( B l2 O2 q, l2 }0 v, P' K, C R
27fc.33b0: *0000000000000000-000000000082ffff 0x0001/0x0000 0x0000000/ n5 i( `6 D% x M3 `
27fc.33b0: *0000000000830000-000000000084ffff 0x0004/0x0004 0x0020000* i/ `( ^7 V. b7 {! W
27fc.33b0: *0000000000850000-000000000086afff 0x0002/0x0002 0x0040000
3 P8 ^+ E- R E3 g3 H3 y27fc.33b0: 000000000086b000-000000000086ffff 0x0001/0x0000 0x0000000! k2 Z% L# p h) K+ p+ W; y& X
27fc.33b0: *0000000000870000-000000000096afff 0x0000/0x0004 0x00200004 J# B1 y; Z" E0 B6 f
27fc.33b0: 000000000096b000-000000000096dfff 0x0104/0x0004 0x00200008 v2 c" d1 i, I' x
27fc.33b0: 000000000096e000-000000000096ffff 0x0004/0x0004 0x00200005 x: S; P1 T3 }
27fc.33b0: *0000000000970000-0000000000973fff 0x0002/0x0002 0x0040000+ ?3 U3 N- K1 }. T
27fc.33b0: 0000000000974000-000000000097ffff 0x0001/0x0000 0x00000008 j+ y+ Q7 L5 o# P: j
27fc.33b0: *0000000000980000-0000000000981fff 0x0004/0x0004 0x0020000
* P, M m" C: s% W27fc.33b0: 0000000000982000-00000000009fffff 0x0001/0x0000 0x0000000/ P% q3 v$ d. k* ]2 B1 Y! [$ S$ ^
27fc.33b0: *0000000000a00000-0000000000b2dfff 0x0000/0x0004 0x00200006 ^7 D+ I8 L. ~# i
27fc.33b0: 0000000000b2e000-0000000000b30fff 0x0004/0x0004 0x0020000
& r: w, s5 }4 w; [0 ~* @27fc.33b0: 0000000000b31000-0000000000bfffff 0x0000/0x0004 0x0020000
! R% M z- c! o: [" T; ?2 |3 a& l27fc.33b0: 0000000000c00000-000000007ffdffff 0x0001/0x0000 0x00000008 T. h& [# i& m4 I. S
27fc.33b0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x00200008 M$ o! A) _. K4 X3 A% \
27fc.33b0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
) x' c$ y# U: h6 z" ^, a" g27fc.33b0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
# o# o0 B( q; O7 V4 z& ?* Y1 \27fc.33b0: 000000007fff0000-00007ff5ec1bffff 0x0001/0x0000 0x0000000
- ~8 W" ? l: M$ ]$ Q27fc.33b0: *00007ff5ec1c0000-00007ff5ec1c0fff 0x0002/0x0002 0x0040000" v7 B0 o" }2 e9 F
27fc.33b0: 00007ff5ec1c1000-00007ff5ec1cffff 0x0001/0x0000 0x0000000
. y3 [; O. M7 r* K" @9 |27fc.33b0: *00007ff5ec1d0000-00007ff5ec202fff 0x0002/0x0002 0x0040000
( Y9 ~3 u8 e S$ _5 T. V1 @27fc.33b0: 00007ff5ec203000-00007ff646a3ffff 0x0001/0x0000 0x00000001 _6 e8 h) D9 }, p
27fc.33b0: *00007ff646a40000-00007ff646a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe. q: v$ Y3 d+ |& M
27fc.33b0: 00007ff646a41000-00007ff646ab6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
5 T, B5 E6 W9 V9 ~+ i5 C/ l27fc.33b0: 00007ff646ab7000-00007ff646ab7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe+ N1 S/ f6 [* T( d: N% |
27fc.33b0: 00007ff646ab8000-00007ff646afffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe5 i. P& a- }7 Y& O5 W
27fc.33b0: 00007ff646b00000-00007ff646b00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe X; u* y3 n- O7 g' a
27fc.33b0: 00007ff646b01000-00007ff646b01fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe2 B' Z0 `% p* G6 x! Y% z
27fc.33b0: 00007ff646b02000-00007ff646b06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
1 L0 j9 R+ w) r; p27fc.33b0: 00007ff646b07000-00007ff646b07fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
) [5 K" Y6 a& T* K! I7 U' P& G# E27fc.33b0: 00007ff646b08000-00007ff646b08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe) r4 s9 R2 M* r- F! U9 s7 \
27fc.33b0: 00007ff646b09000-00007ff646b0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe! D0 p; c! Z# R% z6 x
27fc.33b0: 00007ff646b0d000-00007ff646b55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe
5 |0 `/ m7 o) y27fc.33b0: 00007ff646b56000-00007ff93badffff 0x0001/0x0000 0x00000001 r* E/ y7 z5 ]: E& r+ E: b2 P
27fc.33b0: *00007ff93bae0000-00007ff93bae0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll: R, L3 c# A6 e9 o! _7 X/ Y! H
27fc.33b0: 00007ff93bae1000-00007ff93bbf7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll: o, q8 z( M+ T/ c$ `" T5 Q
27fc.33b0: 00007ff93bbf8000-00007ff93bc3efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
; r3 K* x5 T+ D& O& U6 P1 h* N27fc.33b0: 00007ff93bc3f000-00007ff93bc4afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
' ~+ M( d4 i6 v( s% `27fc.33b0: 00007ff93bc4b000-00007ff93bc59fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll' I. k) H) v" {' x" i
27fc.33b0: 00007ff93bc5a000-00007ff93bc5afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9 J1 x4 y0 Y1 A7 a: q27fc.33b0: 00007ff93bc5b000-00007ff93bc5dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
+ E% s i# S. \27fc.33b0: 00007ff93bc5e000-00007ff93bccffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll; ^$ g1 x- T6 X: T) z( C2 j: X
27fc.33b0: 00007ff93bcd0000-00007ffffffeffff 0x0001/0x0000 0x0000000
3 W: E4 z% R4 S* C/ E27fc.33b0: supR3HardNtChildPurify: Done after 274 ms and 0 fixes (loop #0).! e. E% Z+ b+ T# O9 B% B( Y
32b0.2564: Log file opened: 6.1.12r139181 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba000 H5 Z! J8 Y' V* a; v
32b0.2564: supR3HardenedVmProcessInit: uNtDllAddr=00007ff93bae0000 g_uNtVerCombined=0xa047ba00 (stack ~000000000096f4f8)2 ~2 o4 {" x& ^0 E( x, K m+ I5 p
32b0.2564: ntdll.dll: timestamp 0xb29ecf52 (rc=VINF_SUCCESS)
1 J% Y+ K& |5 h- R8 m1 m% K32b0.2564: New simple heap: #1 0000000000d00000 LB 0x400000 (for 2031616 allocation)
; K) A8 g) f$ x f0 _- v32b0.2564: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume6\virtualBox'- q3 }6 L$ G y& J
32b0.2564: System32: \Device\HarddiskVolume3\Windows\System32. a- d! g9 T A4 [2 ^, \3 T, W5 P
32b0.2564: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS. x* {7 [. z& u0 I8 ^; ]. W
32b0.2564: KnownDllPath: C:\Windows\System32
( I1 P4 B8 i1 K m32b0.2564: supR3HardenedVmProcessInit: Opening vboxdrv stub...
* C& p: I8 b' k1 Q" S4 ]27fc.33b0: supR3HardNtEnableThreadCreationEx:$ n5 s; _ L4 V
32b0.2564: supR3HardenedWinReadErrorInfoDevice: 'Unknown image file \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe at 00007ff646a40000. (rc83Exp=-91)'
# ?3 Z5 k1 S1 k32b0.2564: Error -5633 in supR3HardenedWinReSpawn! (enmWhat=3)1 K) p, c9 S5 {
32b0.2564: NtCreateFile(\Device\VBoxDrvStub) failed: Unknown Status -5633 (0xffffe9ff) (rcNt=0xe986e9ff)$ y3 V; ]! N3 L0 P
VBoxDrvStub error: Unknown image file \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe at 00007ff646a40000. (rc83Exp=-91)
7 b( R* s' Q2 W6 P3 @27fc.33b0: supR3HardenedWinCheckChild: enmRequest=2 rc=-5633 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: Unknown Status -5633 (0xffffe9ff) (rcNt=0xe986e9ff)
$ n% X; n5 O; a* r0 dVBoxDrvStub error: Unknown image file \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe at 00007ff646a40000. (rc83Exp=-91)
& w- `1 J; x& G/ a5 ~32b0.2564: KiUserExceptionDispatcher: 0xc0000005 (0000000000000001, 0000000000000024) @ 00007ff93bae72a6 (flags=0x0)
* j# z& c6 E9 w; V; ?rax=0000000000000000 rbx=00007ff93bc452c0 rcx=00007ff93bc452c0 rdx=00000000fffffffa
5 e c. |8 R* ~# Q5 W# O( b& krsi=0000000000000000 rdi=00007ff93bc44f00 r8 =0000000000000000 r9 =00007ff93bc45200; ~5 b8 {) N, q* @3 g$ }( d
r10=0000000000000000 r11=0000000000968d90 r12=0000000000000000 r13=0000000000b2f0002 i/ X; }: X% D% R! b
r14=0000000000000001 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
, I% A7 ]( s8 q# lrip=00007ff93bae72a6 rsp=0000000000968bf0 rbp=00000000ffffe900 ctxflags=0010005f# C7 [ e1 f9 o1 `+ n
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b eflags=00010213 mxcrx=00001f80
1 E8 ?! m' g5 ?# AP3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000' P( S1 G- C M" ?/ v7 _
dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=00000000000000004 O" X# {8 y1 M: N. r) `$ B
dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=00000000000000007 R9 [' X ~& U) E9 L
lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=00000000000000009 F1 u) L9 X. h
27fc.33b0: Error -5633 in supR3HardenedWinReSpawn! (enmWhat=3)7 g O% D9 z" O" V
27fc.33b0: NtCreateFile(\Device\VBoxDrvStub) failed: Unknown Status -5633 (0xffffe9ff) (rcNt=0xe986e9ff). \4 W) X1 p( l! M3 y
VBoxDrvStub error: Unknown image file \Device\HarddiskVolume6\virtualBox\VirtualBoxVM.exe at 00007ff646a40000. (rc83Exp=-91)
% V9 H! h5 X; q1 \7 }6 t
X5 I8 |3 L* s7 ~: ^7 x. G1 Q" Y: D a1 G" ?% i2 C* X8 u' e
7 I8 u& q' }8 ~2 f/ ?
* H. u6 p" p; j3 Q
? M8 R/ G5 S$ G) z4 m
vboxdrv已运行
6 ?; g7 T" Q; X+ k( N( F9 m, K- |3 @+ c5 h
请问大神们改如何解决这个问题
+ ~# l# o% k1 u/ b3 ? |
|
/1 
发表于 2021-7-13 13:34
收藏
淘帖
支持!
反对!