鱼C论坛

 找回密码
 立即注册
查看: 3310|回复: 14

[已解决]出差一个月 回来虚拟机打不开了 win10 64位系统

[复制链接]
发表于 2017-12-25 16:30:31 | 显示全部楼层 |阅读模式
5鱼币
祝大家圣诞快乐!!!
虚心就求教
最佳答案
2017-12-25 16:30:32
找日志看啊
12-25打不开虚拟机.png

最佳答案

想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

发表于 2017-12-25 16:30:32 | 显示全部楼层    本楼为最佳答案   
找日志看啊
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-27 15:48:02 | 显示全部楼层

日志去哪里找  我笔记本更新了 什么玩意 完事就不能用了 重新卸载安装也是那样  
我比较小白 不会看日志。。。。
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

发表于 2017-12-28 09:29:54 | 显示全部楼层
屁哥 发表于 2017-12-27 15:48
日志去哪里找  我笔记本更新了 什么玩意 完事就不能用了 重新卸载安装也是那样  
我比较小白 不会看日志 ...

上面不是写着呢吗,C:/Users... 那个文件就是日志啊。。。看看里面什么内容
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

发表于 2017-12-28 11:11:09 | 显示全部楼层
ironblood4416 发表于 2017-12-28 09:29
上面不是写着呢吗,C:/Users... 那个文件就是日志啊。。。看看里面什么内容

道法自然  /滑稽
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 11:53:08 | 显示全部楼层
wyh33200 发表于 2017-12-28 11:11
道法自然  /滑稽

好的 谢谢 我再看看
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 12:08:58 | 显示全部楼层
屁哥 发表于 2017-12-28 11:53
好的 谢谢 我再看看

2e8.33d8: Log file opened: 5.1.22r115126 g_hStartupLog=000000000000006c g_uNtVerCombined=0xa03fab00
2e8.33d8: \SystemRoot\System32\ntdll.dll:
2e8.33d8:     CreationTime:    2017-12-25T03:51:16.670062700Z
2e8.33d8:     LastWriteTime:   2017-12-25T03:51:16.670062700Z
2e8.33d8:     ChangeTime:      2017-12-25T09:23:44.630112100Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x1dd100
2e8.33d8:     NT Headers:      0xe0
2e8.33d8:     Timestamp:       0x493793ea
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x493793ea
2e8.33d8:     Image Version:   10.0
2e8.33d8:     SizeOfImage:     0x1e0000 (1966080)
2e8.33d8:     Resource Dir:    0x174000 LB 0x6a1d8
2e8.33d8:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     Microsoft® Windows® Operating System
2e8.33d8:     ProductVersion:  10.0.16299.64
2e8.33d8:     FileVersion:     10.0.16299.64 (WinBuild.160101.0800)
2e8.33d8:     FileDescription: NT Layer DLL
2e8.33d8: \SystemRoot\System32\kernel32.dll:
2e8.33d8:     CreationTime:    2017-09-29T13:42:04.954227600Z
2e8.33d8:     LastWriteTime:   2017-09-29T13:42:04.954227600Z
2e8.33d8:     ChangeTime:      2017-12-25T03:46:54.613519600Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0xab868
2e8.33d8:     NT Headers:      0xe8
2e8.33d8:     Timestamp:       0xc2cf900
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0xc2cf900
2e8.33d8:     Image Version:   10.0
2e8.33d8:     SizeOfImage:     0xae000 (712704)
2e8.33d8:     Resource Dir:    0xac000 LB 0x520
2e8.33d8:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     Microsoft® Windows® Operating System
2e8.33d8:     ProductVersion:  10.0.16299.15
2e8.33d8:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
2e8.33d8:     FileDescription: Windows NT BASE API Client DLL
2e8.33d8: \SystemRoot\System32\KernelBase.dll:
2e8.33d8:     CreationTime:    2017-09-29T13:41:43.124345500Z
2e8.33d8:     LastWriteTime:   2017-09-29T13:41:43.124345500Z
2e8.33d8:     ChangeTime:      2017-12-25T03:46:54.707255600Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x266000
2e8.33d8:     NT Headers:      0xf0
2e8.33d8:     Timestamp:       0x4736733c
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x4736733c
2e8.33d8:     Image Version:   10.0
2e8.33d8:     SizeOfImage:     0x266000 (2514944)
2e8.33d8:     Resource Dir:    0x245000 LB 0x548
2e8.33d8:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     Microsoft® Windows® Operating System
2e8.33d8:     ProductVersion:  10.0.16299.15
2e8.33d8:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
2e8.33d8:     FileDescription: Windows NT BASE API Client DLL
2e8.33d8: \SystemRoot\System32\apisetschema.dll:
2e8.33d8:     CreationTime:    2017-09-29T13:42:07.095026600Z
2e8.33d8:     LastWriteTime:   2017-09-29T13:42:07.095026600Z
2e8.33d8:     ChangeTime:      2017-12-25T09:23:44.645739200Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x1b398
2e8.33d8:     NT Headers:      0xc8
2e8.33d8:     Timestamp:       0xf30abf31
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0xf30abf31
2e8.33d8:     Image Version:   10.0
2e8.33d8:     SizeOfImage:     0x1c000 (114688)
2e8.33d8:     Resource Dir:    0x1b000 LB 0x408
2e8.33d8:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     Microsoft® Windows® Operating System
2e8.33d8:     ProductVersion:  10.0.16299.15
2e8.33d8:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
2e8.33d8:     FileDescription: ApiSet Schema DLL
2e8.33d8: Found driver mfewfpk (0x20)
2e8.33d8: Found driver mfehidk (0x20)
2e8.33d8: Found driver mfeavfk (0x20)
2e8.33d8: Found driver mfefirek (0x20)
2e8.33d8: supR3HardenedWinFindAdversaries: 0x20
2e8.33d8: \SystemRoot\System32\drivers\cfwids.sys:
2e8.33d8:     CreationTime:    2016-03-11T09:04:44.000000000Z
2e8.33d8:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
2e8.33d8:     ChangeTime:      2017-12-25T03:55:02.836052400Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x13328
2e8.33d8:     NT Headers:      0xf0
2e8.33d8:     Timestamp:       0x571a4aa7
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x571a4aa7
2e8.33d8:     Image Version:   0.0
2e8.33d8:     SizeOfImage:     0x16000 (90112)
2e8.33d8:     Resource Dir:    0x14000 LB 0x550
2e8.33d8:     [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x140a0 LB 0x318, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     SYSCORE
2e8.33d8:     ProductVersion:  15.4.0.822
2e8.33d8:     FileVersion:     SYSCORE.15.4.0.822
2e8.33d8:     PrivateBuild:    SYSCORE.15.4.0.822
2e8.33d8:     FileDescription: McAfee Personal Firewall IDS Plugin
2e8.33d8: \SystemRoot\System32\drivers\mfeavfk.sys:
2e8.33d8:     CreationTime:    2016-03-11T09:04:44.000000000Z
2e8.33d8:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
2e8.33d8:     ChangeTime:      2017-12-25T03:55:02.836052400Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x55528
2e8.33d8:     NT Headers:      0xe8
2e8.33d8:     Timestamp:       0x571a4a46
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x571a4a46
2e8.33d8:     Image Version:   0.0
2e8.33d8:     SizeOfImage:     0x57000 (356352)
2e8.33d8:     Resource Dir:    0x55000 LB 0x758
2e8.33d8:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x55110 LB 0x334, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     SYSCORE
2e8.33d8:     ProductVersion:  15.4.0.822
2e8.33d8:     FileVersion:     SYSCORE.15.4.0.822
2e8.33d8:     PrivateBuild:    SYSCORE.15.4.0.822 F15,F16,F19
2e8.33d8:     FileDescription: Anti-Virus File System Filter Driver
2e8.33d8: \SystemRoot\System32\drivers\mfefirek.sys:
2e8.33d8:     CreationTime:    2016-03-11T09:04:44.000000000Z
2e8.33d8:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
2e8.33d8:  
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 12:09:32 | 显示全部楼层
屁哥 发表于 2017-12-28 11:53
好的 谢谢 我再看看

  ChangeTime:      2017-12-25T03:55:02.836052400Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x78728
2e8.33d8:     NT Headers:      0xe8
2e8.33d8:     Timestamp:       0x571a4a87
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x571a4a87
2e8.33d8:     Image Version:   0.0
2e8.33d8:     SizeOfImage:     0x7b000 (503808)
2e8.33d8:     Resource Dir:    0x77000 LB 0x388
2e8.33d8:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x77060 LB 0x328, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     SYSCORE
2e8.33d8:     ProductVersion:  15.4.0.822
2e8.33d8:     FileVersion:     SYSCORE.15.4.0.822
2e8.33d8:     PrivateBuild:    SYSCORE.15.4.0.822 F17,F18
2e8.33d8:     FileDescription: McAfee Core Firewall Engine Driver
2e8.33d8: \SystemRoot\System32\drivers\mfehidk.sys:
2e8.33d8:     CreationTime:    2016-03-11T09:04:44.000000000Z
2e8.33d8:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
2e8.33d8:     ChangeTime:      2017-12-25T03:55:02.836052400Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0xcdd28
2e8.33d8:     NT Headers:      0x100
2e8.33d8:     Timestamp:       0x571a49df
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x571a49df
2e8.33d8:     Image Version:   0.0
2e8.33d8:     SizeOfImage:     0xd9000 (888832)
2e8.33d8:     Resource Dir:    0xd5000 LB 0x758
2e8.33d8:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0xd5110 LB 0x320, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     SYSCORE
2e8.33d8:     ProductVersion:  15.4.0.822
2e8.33d8:     FileVersion:     SYSCORE.15.4.0.822
2e8.33d8:     PrivateBuild:    SYSCORE.15.4.0.822 F14,F15,F16,F18,F20
2e8.33d8:     FileDescription: McAfee Link Driver
2e8.33d8: \SystemRoot\System32\drivers\mfewfpk.sys:
2e8.33d8:     CreationTime:    2016-03-11T09:04:44.000000000Z
2e8.33d8:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
2e8.33d8:     ChangeTime:      2017-12-25T03:55:02.836052400Z
2e8.33d8:     FileAttributes:  0x20
2e8.33d8:     Size:            0x3b728
2e8.33d8:     NT Headers:      0xf0
2e8.33d8:     Timestamp:       0x571a49f1
2e8.33d8:     Machine:         0x8664 - amd64
2e8.33d8:     Timestamp:       0x571a49f1
2e8.33d8:     Image Version:   0.0
2e8.33d8:     SizeOfImage:     0x59000 (364544)
2e8.33d8:     Resource Dir:    0x57000 LB 0x380
2e8.33d8:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2e8.33d8:     [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)]
2e8.33d8:     ProductName:     SYSCORE
2e8.33d8:     ProductVersion:  15.4.0.822
2e8.33d8:     FileVersion:     SYSCORE.15.4.0.822
2e8.33d8:     PrivateBuild:    SYSCORE.15.4.0.822 F17,F18
2e8.33d8:     FileDescription: Anti-Virus Mini-Firewall Driver
2e8.33d8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2e8.33d8: Calling main()
2e8.33d8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2e8.33d8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2e8.33d8: SUPR3HardenedMain: Respawn #1
2e8.33d8: System32:  \Device\HarddiskVolume3\Windows\System32
2e8.33d8: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
2e8.33d8: KnownDllPath: C:\WINDOWS\System32
2e8.33d8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2e8.33d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2e8.33d8: supR3HardNtEnableThreadCreation:
2e8.33d8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8981791b0 pvNtTerminateThread=00007ff8981a0890
2e8.33d8: supR3HardenedWinDoReSpawn(1): New child 1a0.303c [kernel32].
2e8.33d8: supR3HardNtChildGatherData: PebBaseAddress=00000000003a9000 cbPeb=0x388
2e8.33d8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff898100000 uNtDllChildAddr=00007ff898100000
2e8.33d8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff8981791b0
2e8.33d8: supR3HardenedWinSetupChildInit: Start child.
2e8.33d8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 46 ms.
2e8.33d8: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 60 sleeps
2e8.33d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2e8.33d8:  *0000000000000000-00000000001bffff 0x0001/0x0000 0x0000000
2e8.33d8:  *00000000001c0000-00000000001dffff 0x0004/0x0004 0x0020000
2e8.33d8:  *00000000001e0000-00000000001f8fff 0x0002/0x0002 0x0040000
2e8.33d8:   00000000001f9000-00000000001fffff 0x0001/0x0000 0x0000000
2e8.33d8:  *0000000000200000-00000000003a8fff 0x0000/0x0004 0x0020000
2e8.33d8:   00000000003a9000-00000000003abfff 0x0004/0x0004 0x0020000
2e8.33d8:   00000000003ac000-00000000003fffff 0x0000/0x0004 0x0020000
2e8.33d8:  *0000000000400000-00000000004fafff 0x0000/0x0004 0x0020000
2e8.33d8:   00000000004fb000-00000000004fdfff 0x0104/0x0004 0x0020000
2e8.33d8:   00000000004fe000-00000000004fffff 0x0004/0x0004 0x0020000
2e8.33d8:  *0000000000500000-0000000000503fff 0x0002/0x0002 0x0040000
2e8.33d8:   0000000000504000-000000000050ffff 0x0001/0x0000 0x0000000
2e8.33d8:  *0000000000510000-0000000000510fff 0x0004/0x0004 0x0020000
2e8.33d8:   0000000000511000-000000007ffdffff 0x0001/0x0000 0x0000000
2e8.33d8:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2e8.33d8:  *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
2e8.33d8:   000000007fff0000-00007ff742bfffff 0x0001/0x0000 0x0000000
2e8.33d8:  *00007ff742c00000-00007ff742c32fff 0x0002/0x0002 0x0040000
2e8.33d8:   00007ff742c33000-00007ff74383ffff 0x0001/0x0000 0x0000000
2e8.33d8:  *00007ff743840000-00007ff743840fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff743841000-00007ff7438b0fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438b1000-00007ff7438b1fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438b2000-00007ff7438f6fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438f7000-00007ff7438f7fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438f8000-00007ff7438f8fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438f9000-00007ff7438fdfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438fe000-00007ff7438fefff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff7438ff000-00007ff7438fffff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff743900000-00007ff743903fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff743904000-00007ff74394bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
2e8.33d8:   00007ff74394c000-00007ff8980fffff 0x0001/0x0000 0x0000000
2e8.33d8:  *00007ff898100000-00007ff898100fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff898101000-00007ff898212fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff898213000-00007ff898258fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff898259000-00007ff898260fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff898261000-00007ff89826efff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff89826f000-00007ff89826ffff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff898270000-00007ff898272fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff898273000-00007ff8982dffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2e8.33d8:   00007ff8982e0000-00007ffffffdffff 0x0001/0x0000 0x0000000
2e8.33d8:  *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
2e8.33d8:
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 12:10:06 | 显示全部楼层
屁哥 发表于 2017-12-28 11:53
好的 谢谢 我再看看

  VirtualBox.exe: timestamp 0x5903619d (rc=VINF_SUCCESS)
2e8.33d8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2e8.33d8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
2e8.33d8: supR3HardNtChildPurify: Done after 582 ms and 0 fixes (loop #0).
1a0.303c: Log file opened: 5.1.22r115126 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
2e8.33d8: supR3HardNtEnableThreadCreation:
1a0.303c: supR3HardenedVmProcessInit: uNtDllAddr=00007ff898100000 g_uNtVerCombined=0xa03fab00
1a0.303c: ntdll.dll: timestamp 0x493793ea (rc=VINF_SUCCESS)
1a0.303c: New simple heap: #1 0000000000620000 LB 0x400000 (for 1966080 allocation)
1a0.303c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1a0.303c: System32:  \Device\HarddiskVolume3\Windows\System32
1a0.303c: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
1a0.303c: KnownDllPath: C:\WINDOWS\System32
1a0.303c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1a0.303c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1a0.303c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1a0.303c: Registered Dll notification callback with NTDLL.
1a0.303c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
1a0.303c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1a0.303c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
1a0.303c: supR3HardenedDllNotificationCallback: load   00007ff894b10000 LB 0x00266000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
1a0.303c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
1a0.303c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1a0.303c: supR3HardenedDllNotificationCallback: load   00007ff8957e0000 LB 0x000ae000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
1a0.303c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1a0.303c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8957e0000 'C:\WINDOWS\System32\KERNEL32.DLL'
1a0.303c: supR3HardenedDllNotificationCallback: load   00007ff743840000 LB 0x0010c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
1a0.303c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1a0.303c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1a0.303c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8981791b0 pvNtTerminateThread=00007ff8981a0890
2e8.33d8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 89 ms.
1a0.303c: \SystemRoot\System32\ntdll.dll:
1a0.303c:     CreationTime:    2017-12-25T03:51:16.670062700Z
1a0.303c:     LastWriteTime:   2017-12-25T03:51:16.670062700Z
1a0.303c:     ChangeTime:      2017-12-25T09:23:44.630112100Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x1dd100
1a0.303c:     NT Headers:      0xe0
1a0.303c:     Timestamp:       0x493793ea
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x493793ea
1a0.303c:     Image Version:   10.0
1a0.303c:     SizeOfImage:     0x1e0000 (1966080)
1a0.303c:     Resource Dir:    0x174000 LB 0x6a1d8
1a0.303c:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     Microsoft&#174; Windows&#174; Operating System
1a0.303c:     ProductVersion:  10.0.16299.64
1a0.303c:     FileVersion:     10.0.16299.64 (WinBuild.160101.0800)
1a0.303c:     FileDescription: NT Layer DLL
1a0.303c: \SystemRoot\System32\kernel32.dll:
1a0.303c:     CreationTime:    2017-09-29T13:42:04.954227600Z
1a0.303c:     LastWriteTime:   2017-09-29T13:42:04.954227600Z
1a0.303c:     ChangeTime:      2017-12-25T03:46:54.613519600Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0xab868
1a0.303c:     NT Headers:      0xe8
1a0.303c:     Timestamp:       0xc2cf900
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0xc2cf900
1a0.303c:     Image Version:   10.0
1a0.303c:     SizeOfImage:     0xae000 (712704)
1a0.303c:     Resource Dir:    0xac000 LB 0x520
1a0.303c:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     Microsoft&#174; Windows&#174; Operating System
1a0.303c:     ProductVersion:  10.0.16299.15
1a0.303c:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
1a0.303c:     FileDescription: Windows NT BASE API Client DLL
1a0.303c: \SystemRoot\System32\KernelBase.dll:
1a0.303c:     CreationTime:    2017-09-29T13:41:43.124345500Z
1a0.303c:     LastWriteTime:   2017-09-29T13:41:43.124345500Z
1a0.303c:     ChangeTime:      2017-12-25T03:46:54.707255600Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x266000
1a0.303c:     NT Headers:      0xf0
1a0.303c:     Timestamp:       0x4736733c
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x4736733c
1a0.303c:     Image Version:   10.0
1a0.303c:     SizeOfImage:     0x266000 (2514944)
1a0.303c:     Resource Dir:    0x245000 LB 0x548
1a0.303c:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     Microsoft&#174; Windows&#174; Operating System
1a0.303c:     ProductVersion:  10.0.16299.15
1a0.303c:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
1a0.303c:     FileDescription: Windows NT BASE API Client DLL
1a0.303c: \SystemRoot\System32\apisetschema.dll:
1a0.303c:     CreationTime:    2017-09-29T13:42:07.095026600Z
1a0.303c:     LastWriteTime:   2017-09-29T13:42:07.095026600Z
1a0.303c:     ChangeTime:      2017-12-25T09:23:44.645739200Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x1b398
1a0.303c:     NT Headers:      0xc8
1a0.303c:     Timestamp:       0xf30abf31
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0xf30abf31
1a0.303c:     Image Version:   10.0
1a0.303c:     SizeOfImage:     0x1c000 (114688)
1a0.303c:     Resource Dir:    0x1b000 LB 0x408
1a0.303c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     Microsoft&#174; Windows&#174; Operating System
1a0.303c:     ProductVersion:  10.0.16299.15
1a0.303c:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
1a0.303c:     FileDescription: ApiSet Schema DLL
1a0.303c: Found driver mfewfpk (0x20)
1a0.303c: Found driver mfehidk (0x20)
1a0.303c: Found driver mfeavfk (0x20)
1a0.303c: Found driver mfefirek (0x20)
1a0.303c: supR3HardenedWinFindAdversaries: 0x20
1a0.303c: \SystemRoot\System32\drivers\cfwids.sys:
1a0.303c:     CreationTime:    2016-03-11T09:04:44.000000000Z
1a0.303c:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
1a0.303c:     ChangeTime:      2017-12-25T03:55:02.836052400Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x13328
1a0.303c:     NT Headers:      0xf0
1a0.303c:     Timestamp:       0x571a4aa7
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x571a4aa7
1a0.303c:     Image Version:   0.0
1a0.303c:     SizeOfImage:     0x16000 (90112)
1a0.303c:     Resource Dir:    0x14000 LB 0x550
1a0.303c:     [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x140a0 LB 0x318, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     SYSCORE
1a0.303c:     ProductVersion:  15.4.0.822
1a0.303c:     FileVersion:     SYSCORE.15.4.0.822
1a0.303c:     PrivateBuild:    SYSCORE.15.4.0.822
1a0.303c:     FileDescription: McAfee Personal Firewall IDS Plugin
1a0.303c: \SystemRoot\System32\drivers\mfeavfk.sys:
1a0.303c:   
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 12:10:42 | 显示全部楼层
屁哥 发表于 2017-12-28 11:53
好的 谢谢 我再看看

CreationTime:    2016-03-11T09:04:44.000000000Z
1a0.303c:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
1a0.303c:     ChangeTime:      2017-12-25T03:55:02.836052400Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x55528
1a0.303c:     NT Headers:      0xe8
1a0.303c:     Timestamp:       0x571a4a46
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x571a4a46
1a0.303c:     Image Version:   0.0
1a0.303c:     SizeOfImage:     0x57000 (356352)
1a0.303c:     Resource Dir:    0x55000 LB 0x758
1a0.303c:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x55110 LB 0x334, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     SYSCORE
1a0.303c:     ProductVersion:  15.4.0.822
1a0.303c:     FileVersion:     SYSCORE.15.4.0.822
1a0.303c:     PrivateBuild:    SYSCORE.15.4.0.822 F15,F16,F19
1a0.303c:     FileDescription: Anti-Virus File System Filter Driver
1a0.303c: \SystemRoot\System32\drivers\mfefirek.sys:
1a0.303c:     CreationTime:    2016-03-11T09:04:44.000000000Z
1a0.303c:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
1a0.303c:     ChangeTime:      2017-12-25T03:55:02.836052400Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x78728
1a0.303c:     NT Headers:      0xe8
1a0.303c:     Timestamp:       0x571a4a87
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x571a4a87
1a0.303c:     Image Version:   0.0
1a0.303c:     SizeOfImage:     0x7b000 (503808)
1a0.303c:     Resource Dir:    0x77000 LB 0x388
1a0.303c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x77060 LB 0x328, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     SYSCORE
1a0.303c:     ProductVersion:  15.4.0.822
1a0.303c:     FileVersion:     SYSCORE.15.4.0.822
1a0.303c:     PrivateBuild:    SYSCORE.15.4.0.822 F17,F18
1a0.303c:     FileDescription: McAfee Core Firewall Engine Driver
1a0.303c: \SystemRoot\System32\drivers\mfehidk.sys:
1a0.303c:     CreationTime:    2016-03-11T09:04:44.000000000Z
1a0.303c:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
1a0.303c:     ChangeTime:      2017-12-25T03:55:02.836052400Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0xcdd28
1a0.303c:     NT Headers:      0x100
1a0.303c:     Timestamp:       0x571a49df
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x571a49df
1a0.303c:     Image Version:   0.0
1a0.303c:     SizeOfImage:     0xd9000 (888832)
1a0.303c:     Resource Dir:    0xd5000 LB 0x758
1a0.303c:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0xd5110 LB 0x320, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     SYSCORE
1a0.303c:     ProductVersion:  15.4.0.822
1a0.303c:     FileVersion:     SYSCORE.15.4.0.822
1a0.303c:     PrivateBuild:    SYSCORE.15.4.0.822 F14,F15,F16,F18,F20
1a0.303c:     FileDescription: McAfee Link Driver
1a0.303c: \SystemRoot\System32\drivers\mfewfpk.sys:
1a0.303c:     CreationTime:    2016-03-11T09:04:44.000000000Z
1a0.303c:     LastWriteTime:   2016-08-01T22:49:30.000000000Z
1a0.303c:     ChangeTime:      2017-12-25T03:55:02.836052400Z
1a0.303c:     FileAttributes:  0x20
1a0.303c:     Size:            0x3b728
1a0.303c:     NT Headers:      0xf0
1a0.303c:     Timestamp:       0x571a49f1
1a0.303c:     Machine:         0x8664 - amd64
1a0.303c:     Timestamp:       0x571a49f1
1a0.303c:     Image Version:   0.0
1a0.303c:     SizeOfImage:     0x59000 (364544)
1a0.303c:     Resource Dir:    0x57000 LB 0x380
1a0.303c:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1a0.303c:     [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)]
1a0.303c:     ProductName:     SYSCORE
1a0.303c:     ProductVersion:  15.4.0.822
1a0.303c:     FileVersion:     SYSCORE.15.4.0.822
1a0.303c:     PrivateBuild:    SYSCORE.15.4.0.822 F17,F18
1a0.303c:     FileDescription: Anti-Virus Mini-Firewall Driver
1a0.303c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1a0.303c: Calling main()
1a0.303c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1a0.303c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1a0.303c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1a0.303c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1a0.303c: SUPR3HardenedMain: Respawn #2
1a0.303c: supR3HardNtEnableThreadCreation:
1a0.303c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
1a0.303c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
1a0.303c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1a0.303c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff898100000 'C:\WINDOWS\System32\ntdll.dll'
1a0.303c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8981791b0 pvNtTerminateThread=00007ff8981a0890
1a0.303c: supR3HardenedWinDoReSpawn(2): New child 28a8.22fc [kernel32].
1a0.303c: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
1a0.303c: supR3HardNtChildGatherData: PebBaseAddress=0000000000964000 cbPeb=0x388
1a0.303c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff898100000 uNtDllChildAddr=00007ff898100000
1a0.303c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff8981791b0
1a0.303c: supR3HardenedWinSetupChildInit: Start child.
1a0.303c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 19 ms.
1a0.303c: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 59 sleeps
1a0.303c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1a0.303c:  *0000000000000000-00000000006bffff 0x0001/0x0000 0x0000000
1a0.303c:  *00000000006c0000-00000000006dffff 0x0004/0x0004 0x0020000
1a0.303c:  *00000000006e0000-00000000006f8fff 0x0002/0x0002 0x0040000
1a0.303c:   00000000006f9000-00000000006fffff 0x0001/0x0000 0x0000000
1a0.303c:  *0000000000700000-00000000007fafff 0x0000/0x0004 0x0020000
1a0.303c:   00000000007fb000-00000000007fdfff 0x0104/0x0004 0x0020000
1a0.303c:   00000000007fe000-00000000007fffff 0x0004/0x0004 0x0020000
1a0.303c:  *0000000000800000-0000000000963fff 0x0000/0x0004 0x0020000
1a0.303c:   0000000000964000-0000000000966fff 0x0004/0x0004 0x0020000
1a0.303c:   0000000000967000-00000000009fffff 0x0000/0x0004 0x0020000
1a0.303c:  *0000000000a00000-0000000000a03fff 0x0002/0x0002 0x0040000
1a0.303c:   0000000000a04000-0000000000a0ffff 0x0001/0x0000 0x0000000
1a0.303c:  *0000000000a10000-0000000000a10fff 0x0004/0x0004 0x0020000
1a0.303c:   0000000000a11000-000000007ffdffff 0x0001/0x0000 0x0000000
1a0.303c:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
1a0.303c:  *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
1a0.303c:   000000007fff0000-00007ff742c8ffff 0x0001/0x0000 0x0000000
1a0.303c:  *00007ff742c90000-00007ff742cc2fff 0x0002/0x0002 0x0040000
1a0.303c:   00007ff742cc3000-00007ff74383ffff 0x0001/0x0000 0x0000000
1a0.303c:  *00007ff743840000-00007ff743840fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff743841000-00007ff7438b0fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff7438b1000-00007ff7438b1fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff7438b2000-00007ff7438f6fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff7438f7000-00007ff7438f7fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff7438f8000-00007ff7438f8fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff7438f9000-00007ff7438fdfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff7438fe000-00007ff7438fefff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 12:11:24 | 显示全部楼层
wyh33200 发表于 2017-12-28 11:11
道法自然  /滑稽

  00007ff7438ff000-00007ff7438fffff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff743900000-00007ff743903fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff743904000-00007ff74394bfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1a0.303c:   00007ff74394c000-00007ff8980fffff 0x0001/0x0000 0x0000000
1a0.303c:  *00007ff898100000-00007ff898100fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff898101000-00007ff898212fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff898213000-00007ff898258fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff898259000-00007ff898260fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff898261000-00007ff89826efff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff89826f000-00007ff89826ffff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff898270000-00007ff898272fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff898273000-00007ff8982dffff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1a0.303c:   00007ff8982e0000-00007ffffffdffff 0x0001/0x0000 0x0000000
1a0.303c:  *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
1a0.303c: VirtualBox.exe: timestamp 0x5903619d (rc=VINF_SUCCESS)
1a0.303c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1a0.303c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
1a0.303c: supR3HardNtChildPurify: Done after 577 ms and 0 fixes (loop #0).
1a0.303c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000620000 LB 0x400000)
28a8.22fc: Log file opened: 5.1.22r115126 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
28a8.22fc: supR3HardenedVmProcessInit: uNtDllAddr=00007ff898100000 g_uNtVerCombined=0xa03fab00
1a0.303c: supR3HardNtEnableThreadCreation:
28a8.22fc: ntdll.dll: timestamp 0x493793ea (rc=VINF_SUCCESS)
28a8.22fc: New simple heap: #1 0000000000b20000 LB 0x400000 (for 1966080 allocation)
28a8.22fc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
28a8.22fc: System32:  \Device\HarddiskVolume3\Windows\System32
28a8.22fc: WinSxS:    \Device\HarddiskVolume3\Windows\WinSxS
28a8.22fc: KnownDllPath: C:\WINDOWS\System32
28a8.22fc: supR3HardenedVmProcessInit: Opening vboxdrv...
28a8.22fc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
28a8.22fc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
28a8.22fc: Registered Dll notification callback with NTDLL.
28a8.22fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
28a8.22fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
28a8.22fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
28a8.22fc: supR3HardenedDllNotificationCallback: load   00007ff894b10000 LB 0x00266000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
28a8.22fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
28a8.22fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
28a8.22fc: supR3HardenedDllNotificationCallback: load   00007ff8957e0000 LB 0x000ae000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
28a8.22fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
28a8.22fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8957e0000 'C:\WINDOWS\System32\KERNEL32.DLL'
28a8.22fc: supR3HardenedDllNotificationCallback: load   00007ff743840000 LB 0x0010c000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
28a8.22fc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
28a8.22fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
28a8.22fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
28a8.22fc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8981791b0 pvNtTerminateThread=00007ff8981a0890
1a0.303c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 100 ms.
28a8.22fc: \SystemRoot\System32\ntdll.dll:
28a8.22fc:     CreationTime:    2017-12-25T03:51:16.670062700Z
28a8.22fc:     LastWriteTime:   2017-12-25T03:51:16.670062700Z
28a8.22fc:     ChangeTime:      2017-12-25T09:23:44.630112100Z
28a8.22fc:     FileAttributes:  0x20
28a8.22fc:     Size:            0x1dd100
28a8.22fc:     NT Headers:      0xe0
28a8.22fc:     Timestamp:       0x493793ea
28a8.22fc:     Machine:         0x8664 - amd64
28a8.22fc:     Timestamp:       0x493793ea
28a8.22fc:     Image Version:   10.0
28a8.22fc:     SizeOfImage:     0x1e0000 (1966080)
28a8.22fc:     Resource Dir:    0x174000 LB 0x6a1d8
28a8.22fc:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.22fc:     [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
28a8.22fc:     ProductName:     Microsoft&#174; Windows&#174; Operating System
28a8.22fc:     ProductVersion:  10.0.16299.64
28a8.22fc:     FileVersion:     10.0.16299.64 (WinBuild.160101.0800)
28a8.22fc:     FileDescription: NT Layer DLL
28a8.22fc: \SystemRoot\System32\kernel32.dll:
28a8.22fc:     CreationTime:    2017-09-29T13:42:04.954227600Z
28a8.22fc:     LastWriteTime:   2017-09-29T13:42:04.954227600Z
28a8.22fc:     ChangeTime:      2017-12-25T03:46:54.613519600Z
28a8.22fc:     FileAttributes:  0x20
28a8.22fc:     Size:            0xab868
28a8.22fc:     NT Headers:      0xe8
28a8.22fc:     Timestamp:       0xc2cf900
28a8.22fc:     Machine:         0x8664 - amd64
28a8.22fc:     Timestamp:       0xc2cf900
28a8.22fc:     Image Version:   10.0
28a8.22fc:     SizeOfImage:     0xae000 (712704)
28a8.22fc:     Resource Dir:    0xac000 LB 0x520
28a8.22fc:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.22fc:     [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
28a8.22fc:     ProductName:     Microsoft&#174; Windows&#174; Operating System
28a8.22fc:     ProductVersion:  10.0.16299.15
28a8.22fc:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
28a8.22fc:     FileDescription: Windows NT BASE API Client DLL
28a8.22fc: \SystemRoot\System32\KernelBase.dll:
28a8.22fc:     CreationTime:    2017-09-29T13:41:43.124345500Z
28a8.22fc:     LastWriteTime:   2017-09-29T13:41:43.124345500Z
28a8.22fc:     ChangeTime:      2017-12-25T03:46:54.707255600Z
28a8.22fc:     FileAttributes:  0x20
28a8.22fc:     Size:            0x266000
28a8.22fc:     NT Headers:      0xf0
28a8.22fc:     Timestamp:       0x4736733c
28a8.22fc:     Machine:         0x8664 - amd64
28a8.22fc:     Timestamp:       0x4736733c
28a8.22fc:     Image Version:   10.0
28a8.22fc:     SizeOfImage:     0x266000 (2514944)
28a8.22fc:     Resource Dir:    0x245000 LB 0x548
28a8.22fc:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.22fc:     [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
28a8.22fc:     ProductName:     Microsoft&#174; Windows&#174; Operating System
28a8.22fc:     ProductVersion:  10.0.16299.15
28a8.22fc:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
28a8.22fc:     FileDescription: Windows NT BASE API Client DLL
28a8.22fc: \SystemRoot\System32\apisetschema.dll:
28a8.22fc:     CreationTime:    2017-09-29T13:42:07.095026600Z
28a8.22fc:     LastWriteTime:   2017-09-29T13:42:07.095026600Z
28a8.22fc:     ChangeTime:      2017-12-25T09:23:44.645739200Z
28a8.22fc:     FileAttributes:  0x20
28a8.22fc:     Size:            0x1b398
28a8.22fc:     NT Headers:      0xc8
28a8.22fc:     Timestamp:       0xf30abf31
28a8.22fc:     Machine:         0x8664 - amd64
28a8.22fc:     Timestamp:       0xf30abf31
28a8.22fc:     Image Version:   10.0
28a8.22fc:     SizeOfImage:     0x1c000 (114688)
28a8.22fc:     Resource Dir:    0x1b000 LB 0x408
28a8.22fc:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.22fc:     [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
28a8.22fc:     ProductName:     Microsoft&#174; Windows&#174; Operating System
28a8.22fc:
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 13:00:34 | 显示全部楼层
wyh33200 发表于 2017-12-28 11:11
道法自然  /滑稽

好多日志 完全看不懂
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 13:13:22 | 显示全部楼层
没办法 只能发 五千字  我这个 日志好多 我就截图了一大堆  希望 师兄师姐们帮帮小弟
日志15.png
虚拟机报错.png
日志1.png
日志2.png
日志3.png
日志4.png
日志5.png
日志6.png
日志7.png
日志8.png
日志9.png
日志10.png
日志11.png
日志12.png
日志13.png
日志14.png
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

 楼主| 发表于 2017-12-28 13:18:15 | 显示全部楼层

谢谢 重新发布了 麻烦有空帮看看
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

发表于 2017-12-28 15:22:02 | 显示全部楼层
想知道小甲鱼最近在做啥?请访问 -> ilovefishc.com
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

小黑屋|手机版|Archiver|鱼C工作室 ( 粤ICP备18085999号-1 | 粤公网安备 44051102000585号)

GMT+8, 2024-11-29 04:03

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表