I was pleasantly surprised when MBAM was able to install and run with only minor issues on ROS. I downloaded the latest installer from their website, double-clicked and it went! Updating went fine, as well as the scanning. However, this was when a semi-major issue arose. It found two registry entries that were bad/broken and asked me to quarantine them. I knew better, but I wanted to see what happened, so I quarantined them. Sure enough, now when ROS starts I get a blank blue screen with a cursor and nothing else.
I am running ROS on VirtualBox, installed from install disk ISO downloaded a few weeks ago. Unfortunately I don't have a specific revision number. I'm currently trying to get access to the files in the VDI, because I saved the MBAM log before I rebooted. I'll post it here when I have it.
I guess my main question is - is this a MBAM issue, not working with ROS registry hives correctly, or is this an issue in ROS, where someone fudged a registry value to make it 'just work'?
SIde note - I also tried to install AVG Anti-Virus Free 2014, but the installer gave me an error immediately that this version of Windows was not supported. Shucks... Is there any AV software confirmed to work on ROS?
Malwarebytes' Anti-Malware on ROS
Moderator: Moderator Team
-
karlexceed
- Posts: 531
- Joined: Thu Jan 10, 2013 6:17 pm
- Contact:
Re: Malwarebytes' Anti-Malware on ROS
I don't know much about the registry entries, so I'll respond only to the side note.
ClamAV may work
Try to set ROS to report as a workstation (maybe this doesn't work, but let's try): Computer -> Properties -> Advanced -> System settings (on the bottom left) -> Report as workstation. I have a different language, so maybe the names are a bit off. This should allow also AVG, Avast and the others to at least try to start.
ClamAV may work
Try to set ROS to report as a workstation (maybe this doesn't work, but let's try): Computer -> Properties -> Advanced -> System settings (on the bottom left) -> Report as workstation. I have a different language, so maybe the names are a bit off. This should allow also AVG, Avast and the others to at least try to start.
-
justincase
- Posts: 441
- Joined: Sat Nov 15, 2008 4:13 pm
Re: Malwarebytes' Anti-Malware on ROS
This is not actually a response to one of the questions you asked, but rather a possible solution to one of the mentioned tasks.
You can just go to it in a recent version of Firefox or Chrome, drag the vdi (or other virtual disk image) to the "Select Disk Image" button (or click "Select Disk Image" and browse for the file), find the file you want to get out of it, and "Open" it to start the "Download" (Odd use of the terminology I know, but it is a file browser, in an internet page, accessing a local file, to browse a virtual image. Fun.)
www.VMXRay.com is pretty easy to use.karlexceed wrote:I'm currently trying to get access to the files in the VDI, because I saved the MBAM log before I rebooted. I'll post it here when I have it.
You can just go to it in a recent version of Firefox or Chrome, drag the vdi (or other virtual disk image) to the "Select Disk Image" button (or click "Select Disk Image" and browse for the file), find the file you want to get out of it, and "Open" it to start the "Download" (Odd use of the terminology I know, but it is a file browser, in an internet page, accessing a local file, to browse a virtual image. Fun.)
I reserve the right to ignore any portion of any post if I deem it not constructive or likely to cause the discussion to degenerate.
-
karlexceed
- Posts: 531
- Joined: Thu Jan 10, 2013 6:17 pm
- Contact:
Re: Malwarebytes' Anti-Malware on ROS
Here's the MBAM log:
Code: Select all
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 6/2/2014
Scan Time: 12:14:41 PM
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.06.02.06
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows Server 2003 Service Pack 1
CPU: x86
File System: FAT32
User: Administrator
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 129584
Time Elapsed: 1 min, 58 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 2
Broken.OpenCommand, HKCR\comfile\shell\open\command, Good: ("Bad: ()" %*), ,[ffffffffffffffffffffffffffffffff], %5
Broken.OpenCommand, HKCR\piffile\shell\open\command, Good: ("Bad: ()" %*), ,[ffffffffffffffffffffffffffffffff], %5
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Malwarebytes' Anti-Malware on ROS
To find the revision (build) numbers of your ReactOS system, press CTRL-ESC or the logo key* to open the Start menu. Use the up-arrow key until Run... is highlighted then press Enter. Type sysdm.cpl and press Enter. On the property sheet that appears, look for the heading "System:" under the ReactOS logo. The revision is identified in the third line below that heading. The revision number follows the letter 'r'. Use the revision number because many revisions report "Version 0.4 SVN".karlexceed wrote:Unfortunately I don't have a specific revision number.
Here is a mouse-only method that reaches the same property sheet: click Start [button] > Settings [menu] > System [icon] > General [tab].
*My test rig's keyboard has a cosmetic defect. Its ReactOS logo key has a mark that looks like Microsoft's Windows logo.
Re: Malwarebytes' Anti-Malware on ROS
Since his ROS doesn't boot, it will be hard to do that Another quick way to see revision number after boot is to run Command Prompt from the desktop link, it displays the revision in header. If the ReactOS starts booting, but does not get to the desktop, using this tutorial (if you're under Windows) can get debug log - revision number is written in one of the very first lines.
Another quick way to see revision number after boot is to run Command Prompt from the desktop link, it displays the revision in header. If the ReactOS starts booting, but does not get to the desktop, using this tutorial (if you're under Windows) can get debug log - revision number is written in one of the very first lines.-
karlexceed
- Posts: 531
- Joined: Thu Jan 10, 2013 6:17 pm
- Contact:
Re: Malwarebytes' Anti-Malware on ROS
Aw, dang. I already re-installed over top using the latest download page-linked install disk. If I had known about that trick I would've done that!
Following middings' advice, I went looking for the revision of my current install and i found - "UNKNOWN"
And BlackFox - I tried the win32 ClamAV, 'Immunet' - no go; the installer freezes while downloading the rest of the program files.
Following middings' advice, I went looking for the revision of my current install and i found - "UNKNOWN"
And BlackFox - I tried the win32 ClamAV, 'Immunet' - no go; the installer freezes while downloading the rest of the program files.
-
justincase
- Posts: 441
- Joined: Sat Nov 15, 2008 4:13 pm
Re: Malwarebytes' Anti-Malware on ROS
If you're using an ISO which you downloaded from here, and the revision is referenced as "UNKNOWN" (or similar), then you're probably using a "Release" build (most recent is currently 0.3.16). Unfortunately "Release" builds are always out of date (in comparison to current trunk builds), and since tracking down issues in the "Release" build only to find that it's one of the many issues that have been fixed in later trunk builds would be somewhat wasteful of the relatively small developer task force ReactOS has, it is always recommended that testers who want to have some involvement in the project use the latest trunk builds. (Download trunk builds from the Get Builds page.)karlexceed wrote:Following middings' advice, I went looking for the revision of my current install and i found - "UNKNOWN"
It's not real-time, but I recommend trying ClamWin www.clamwin.com and/or ClamWin Portable www.portableapps.com/apps/security/clamwin_portablekarlexceed wrote:And BlackFox - I tried the win32 ClamAV, 'Immunet' - no go; the installer freezes while downloading the rest of the program files.
I reserve the right to ignore any portion of any post if I deem it not constructive or likely to cause the discussion to degenerate.
-
karlexceed
- Posts: 531
- Joined: Thu Jan 10, 2013 6:17 pm
- Contact:
Re: Malwarebytes' Anti-Malware on ROS
Ah, then likely I was running the same release version before as well. Will try again today with the latest trunk (63537).
-
karlexceed
- Posts: 531
- Joined: Thu Jan 10, 2013 6:17 pm
- Contact:
Re: Malwarebytes' Anti-Malware on ROS
Well... Unfortunately it seems to be a bit of regression in terms of these third party apps' functionality.
Immunet's installer no longer freezes, but BSODs. Malwarebytes installs just fine, updates fine, but BSODs while it's scanning. And AVG still complains immediately when trying to run the installer. And last but not least ClamWin installs, but will not run. It says mscvr80.dll is missing, even after I installed the MS VC++ 2005 runtime and re-installed ClamWin.
I know MS Security Essentials won't even install on XP anymore, but I gave that a shot too. The newest version (for Vista/7 32-bit) does nothing when running the installer, and the same for an older version that still works to install on XP. I assume it's some kind of check that MS does on start up.
So so far, very little luck with AV software on ROS. This investigation has got me wondering about how well malware and viruses themselves work on ROS. Kinda tempted to CryptoLocker my ROS VM and see what happens...
Immunet's installer no longer freezes, but BSODs. Malwarebytes installs just fine, updates fine, but BSODs while it's scanning. And AVG still complains immediately when trying to run the installer. And last but not least ClamWin installs, but will not run. It says mscvr80.dll is missing, even after I installed the MS VC++ 2005 runtime and re-installed ClamWin.
I know MS Security Essentials won't even install on XP anymore, but I gave that a shot too. The newest version (for Vista/7 32-bit) does nothing when running the installer, and the same for an older version that still works to install on XP. I assume it's some kind of check that MS does on start up.
So so far, very little luck with AV software on ROS. This investigation has got me wondering about how well malware and viruses themselves work on ROS. Kinda tempted to CryptoLocker my ROS VM and see what happens...
Re: Malwarebytes' Anti-Malware on ROS
Ah, regressions...what would we do without them?karlexceed wrote:Well... Unfortunately it seems to be a bit of regression in terms of these third party apps' functionality.
Immunet's installer no longer freezes, but BSODs. Malwarebytes installs just fine, updates fine, but BSODs while it's scanning. And AVG still complains immediately when trying to run the installer. And last but not least ClamWin installs, but will not run. It says mscvr80.dll is missing, even after I installed the MS VC++ 2005 runtime and re-installed ClamWin.
I know MS Security Essentials won't even install on XP anymore, but I gave that a shot too. The newest version (for Vista/7 32-bit) does nothing when running the installer, and the same for an older version that still works to install on XP. I assume it's some kind of check that MS does on start up.
So so far, very little luck with AV software on ROS. This investigation has got me wondering about how well malware and viruses themselves work on ROS. Kinda tempted to CryptoLocker my ROS VM and see what happens...
Indeed! ROS is so alpha it's almost virus-proof! It's not a bug, it's a feature!
Re: Malwarebytes' Anti-Malware on ROS
Please report the BSODs with a debuglog. Thanks!
with a debuglog. Thanks!![[ external image ]](http://reactos.files.wordpress.com/2009/07/reactostesterusertranslator.gif){kind=link}
-
karlexceed
- Posts: 531
- Joined: Thu Jan 10, 2013 6:17 pm
- Contact:
Re: Malwarebytes' Anti-Malware on ROS
Alright, finally got around to getting a proper dbg version running with serial output.
So, this is on a fresh install of r63583-dbg. I installed VB Guest Additions, Firefox 2.4 (I believe), and then the latest Malwarebytes from their website.
Again, install and update went smoothly. Then the scan: First time around, I got a BSOD with this info:
Then, I rebooted into debug and ran the scan again. Here's what I captured:
Basically, I'm seeing a lot of unimplemented functionality, but it looks like the crash is coming out of handling access to the registry? Any other sharp eyes seeing anything?
So, this is on a fresh install of r63583-dbg. I installed VB Guest Additions, Firefox 2.4 (I believe), and then the latest Malwarebytes from their website.
Again, install and update went smoothly. Then the scan: First time around, I got a BSOD with this info:
Code: Select all
0x0000001E (0X80000003, 0X809590E2, 0XF5204A84, 0X00000000)
NTOSKRNL.EXE - Address 80959E2 base at 80800000, DateStamp 539644e7Code: Select all
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.06.13 08:00:30 =~=~=~=~=~=~=~=~=~=~=~=
(ntoskrnl/kd/kdio.c:376) -----------------------------------------------------
(ntoskrnl/kd/kdio.c:377) ReactOS 0.4-SVN (Build 20140609-r63583)
(ntoskrnl/kd/kdio.c:379) 1 System Processor [1023 MB Memory]
(ntoskrnl/kd/kdio.c:380) Command Line: DEBUG DEBUGPORT=COM1 BAUDRATE=115200 SOS
(ntoskrnl/kd/kdio.c:384) ARC Paths: multi(0)disk(0)rdisk(0)partition(1) \ multi(0)disk(0)rdisk(0)partition(1) \ReactOS\
(ntoskrnl/ke/i386/cpu.c:494) Supported CPU features : KF_V86_VIS KF_RDTSC KF_CR4 KF_CMOV KF_GLOBAL_PAGE KF_LARGE_PAGE KF_MTRR KF_CMPXCHG8B KF_MMX KF_WORKING_PTE KF_PAT KF_FXSR KF_FAST_SYSCALL KF_XMMI KF_XMMI64
(ntoskrnl/ke/i386/cpu.c:801) Prefetch Cache: 64 bytes L2 Cache: 0 bytes L2 Cache Line: 64 bytes L2 Cache Associativity: 0
(hal/halx86/acpi/halacpi.c:782) ACPI Timer at: 4008h (EXT: 256)
(hal/halx86/acpi/halacpi.c:890) ACPI 2.0 Detected. Tables: [RSDT] [FACP]
(ntoskrnl/mm/ARM3/mminit.c:1443) HAL I/O Mapping at FFFE0000 is unsafe
(ntoskrnl/mm/mminit.c:260) 0x80000000 - 0x83000000 Boot Loaded Image
(ntoskrnl/mm/mminit.c:264) 0xB0000000 - 0xB0701000 PFN Database
(ntoskrnl/mm/mminit.c:268) 0xB0701000 - 0xB26D1000 ARM3 Non Paged Pool
(ntoskrnl/mm/mminit.c:272) 0xB9400000 - 0xBB400000 System View Space
(ntoskrnl/mm/mminit.c:276) 0xBB400000 - 0xC0000000 Session Space
(ntoskrnl/mm/mminit.c:279) 0xC0000000 - 0xC03FFFFF Page Tables
(ntoskrnl/mm/mminit.c:282) 0xC0300000 - 0xC0300FFF Page Directories
(ntoskrnl/mm/mminit.c:285) 0xC0400000 - 0xC07FFFFF Hyperspace
(ntoskrnl/mm/mminit.c:289) 0xE1000000 - 0xECC00000 ARM3 Paged Pool
(ntoskrnl/mm/mminit.c:292) 0xECC00000 - 0xF7BE0000 System PTE Space
(ntoskrnl/mm/mminit.c:295) 0xF7BE0000 - 0xFFBE0000 Non Paged Pool Expansion PTE Space
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB2678008, 2) is UNIMPLEMENTED!
ACPI Compatible Eisa/Isa HAL Detected
(ntoskrnl/io/pnpmgr/pnpmgr.c:3190) Firmware mapper is disabled
(ntoskrnl/io/pnpmgr/pnpreport.c:353) Reported device: DETECTEDInternal\ACPI_HAL (Root\ACPI_HAL\0)
SAC DriverEntry: Entering.
(ntoskrnl/io/iomgr/driver.c:1629) '\Driver\SACDRV' initialization failed, status (0xc0000037)
(ntoskrnl/io/iomgr/driver.c:61) Deleting driver object '\Driver\SACDRV'
(hal/halx86/legacy/bus/pcibus.c:715) WARNING: PCI Slot Resource Assignment is FOOBAR
(ntoskrnl/io/iomgr/iorsrce.c:874) IoReportResourceUsage is halfplemented!
(ntoskrnl/io/iomgr/iorsrce.c:874) IoReportResourceUsage is halfplemented!
(ntoskrnl/io/iomgr/driver.c:1629) '\Driver\BUSLOGIC' initialization failed, status (0xc00000c0)
(ntoskrnl/io/iomgr/driver.c:61) Deleting driver object '\Driver\BUSLOGIC'
(drivers/bus/acpi/busmgr/bus.c:1197) Using HPET hack
(drivers/bus/acpi/acpienum.c:66) Detected duplicate device: PNP0C0F 0
(drivers/bus/acpi/acpienum.c:66) Detected duplicate device: PNP0C0F 0
(drivers/bus/acpi/acpienum.c:66) Detected duplicate device: PNP0C0F 0
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(drivers/bus/pci/pdo.c:1289) Enabling command flags for PCI device 0x21 on bus 0x0: [Bus master] [I/O space enable]
(drivers/storage/ide/pciidex/fdo.c:467) IRP_MJ_PNP / Unknown minor function 0x9
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\VBoxVideo.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\pcnet.sys' with status 0xc000003a
(drivers/bus/pci/pdo.c:1272) Assigning IRQ 9 to PCI device 0x4 on bus 0x0
(drivers/bus/pci/pdo.c:1289) Enabling command flags for PCI device 0x4 on bus 0x0: [Bus master] [Memory space enable] [I/O space enable]
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(lib/drivers/libusb/libusb.cpp:33) USBLIB_AddDevice
(drivers/bus/pci/pdo.c:1272) Assigning IRQ 11 to PCI device 0x6 on bus 0x0
(drivers/bus/pci/pdo.c:1289) Enabling command flags for PCI device 0x6 on bus 0x0: [Bus master] [Memory space enable]
(drivers/usb/usbohci/hardware.cpp:383) Starting Controller
(drivers/usb/usbohci/hardware.cpp:526) Controller State 80
(drivers/usb/usbohci/hardware.cpp:620) FrameInterval 80000000 IntervalValue 2edf
(drivers/usb/usbohci/hardware.cpp:622) Computed FrameInterval a7782edf
(drivers/usb/usbohci/hardware.cpp:630) Read FrameInterval a7782edf
(drivers/usb/usbohci/hardware.cpp:637) Computed Periodic Start 2a2f
(drivers/usb/usbohci/hardware.cpp:640) Read Periodic Start 2a2f
(drivers/usb/usbohci/hardware.cpp:683) NumberOfPorts 8
(drivers/usb/usbohci/hardware.cpp:704) Descriptor A: 1108
(drivers/usb/usbohci/hardware.cpp:723) Descriptor B: 1fe0000
(drivers/usb/usbohci/hardware.cpp:733) HCCA: 106000 Alignment mask: ffffff00
(drivers/usb/usbohci/hardware.cpp:773) Control 2bf
(drivers/usb/usbohci/hardware.cpp:778) OHCI controller is operational
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(lib/drivers/libusb/hub_controller.cpp:3922) CHubController::CreatePDO: DeviceName \Device\USBPDO-0
(drivers/usb/usbhub/fdo.c:1641) Status 0, Result 0x00000040
(drivers/usb/usbhub/fdo.c:1642) InformationLevel 0
(drivers/usb/usbhub/fdo.c:1643) ActualLength 40
(drivers/usb/usbhub/fdo.c:1644) PortNumber 0
(drivers/usb/usbhub/fdo.c:1645) DeviceDescriptor 20000112
(drivers/usb/usbhub/fdo.c:1646) HubAddress 0
(drivers/usb/usbhub/fdo.c:1647) NumberofPipes 0
(drivers/usb/usbhub/fdo.c:1740) HubDeviceExtension->UsbExtHubInfo.NumberOfPorts 8
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1138) Waiting 100 milliseconds for port to stabilize after connection
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(drivers/usb/usbohci/hardware.cpp:1209) Waiting 0 milliseconds for port power up
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\VBoxVideo.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\pcnet.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\serial.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\cmbatt.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\VBoxVideo.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\pcnet.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\serial.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\System32\drivers\cmbatt.sys' with status 0xc000003a
(lib/drivers/libusb/hub_controller.cpp:314) [USBOHCI] SCE Request B2417A50 TransferBufferLength 32 Flags 3 MDL 00000000
(ntoskrnl/io/iomgr/iorsrce.c:725) Failed to open symlink \Device\Harddisk0\Partition1, Status=c0000024
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 0: Status 1, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 1: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 2: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 3: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 4: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 5: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 6: Status 0, Change 0
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\VBoxVideo.sys at F67E5000 with 22 pages
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 7: Status 0, Change 0
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\VIDEOPRT.SYS at F67CE000 with 17 pages
Formatted registry key '\Registry\Machine\System\CurrentControlSet\Services\VBOXVIDEO' -> '\Registry\Machine\System\CurrentControlSet\Services\VBOXVIDEO\Device0'
(drivers/bus/pci/pdo.c:1272) Assigning IRQ 11 to PCI device 0x2 on bus 0x0
(drivers/bus/pci/pdo.c:1289) Enabling command flags for PCI device 0x2 on bus 0x0: [Bus master] [Memory space enable]
(ntoskrnl/io/pnpmgr/pnpmgr.c:852) IRP_MN_QUERY_CAPABILITIES failed with status 0xc00000bb
(ntoskrnl/io/pnpmgr/pnpmgr.c:685) IopInitiatePnpIrp() failed (Status 0xc00000bb)
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\pcnet.sys at F67B0000 with a pages
(/srv/buildbot_cmake/full_cmake/build/drivers/network/ndis/ndis/miniport.c:2629)(NdisMRegisterMiniport) Initializing an NDIS 5.1 miniport
(drivers/bus/pci/pdo.c:1272) Assigning IRQ 10 to PCI device 0x3 on bus 0x0
(drivers/bus/pci/pdo.c:1289) Enabling command flags for PCI device 0x3 on bus 0x0: [Bus master] [Memory space enable] [I/O space enable]
(/srv/buildbot_cmake/full_cmake/build/drivers/network/ndis/ndis/miniport.c:2848)(NdisMSetAttributesEx) Miniport attribute flags: 0x8
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\i8042prt.sys at F679D000 with 10 pages
(drivers/usb/usbohci/hardware.cpp:1395) Disabling status change interrupt
(drivers/usb/usbohci/hardware.cpp:1514) Port 0 completed reset
(lib/drivers/libusb/hub_controller.cpp:314) [USBOHCI] SCE Request B2417A50 TransferBufferLength 32 Flags 3 MDL 00000000
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\kbdclass.sys at F6792000 with b pages
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 0: Status 3, Change 10
(lib/drivers/libusb/hub_controller.cpp:333) [USBOHCI] Change state on port 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 1: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 2: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 3: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 4: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 5: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 6: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 7: Status 0, Change 0
(drivers/input/i8042prt/pnp.c:752) IRP_MJ_PNP / unknown minor function 0x9
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(drivers/usb/usbohci/hardware.cpp:1155) Enabling status change
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\VBoxMouse.sys at F6775000 with 1d pages
(lib/drivers/libusb/hub_controller.cpp:2689) USBHI_CreateUsbDevice
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\mouclass.sys at F676C000 with 9 pages
(lib/drivers/libusb/usb_device.cpp:314) [USBOHCI] SetDeviceAddress> Address 1
(drivers/input/i8042prt/pnp.c:752) IRP_MJ_PNP / unknown minor function 0x9
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\serial.sys at F6760000 with c pages
(ntoskrnl/io/pnpmgr/pnpres.c:614) Resource conflict: IRQ (0x4 0x4 vs. 0x4 0x4)
(ntoskrnl/io/pnpmgr/pnpres.c:1099) Boot resources for ACPI\PNP0501\0 cause a resource conflict!
(ntoskrnl/io/pnpmgr/pnpres.c:135) Satisfying port requirement with 0x3f8 (length: 0x8)
(ntoskrnl/io/pnpmgr/pnpres.c:384) Failed to find an available interrupt resource (0x4 to 0x4)
(ntoskrnl/io/pnpmgr/pnpres.c:512) Unable to satisfy preferred resource or alternates in list 0
(ntoskrnl/io/pnpmgr/pnpres.c:523) Out of alternate lists!
(ntoskrnl/io/pnpmgr/pnpres.c:1122) Failed to fixup a resource list from supplied resources for ACPI\PNP0501\0
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\cmbatt.sys at F6752000 with e pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\battc.sys at F674B000 with 7 pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\wmilib.sys at F6744000 with 7 pages
(ntoskrnl/io/pnpmgr/pnpmgr.c:464) \Driver\CMBATT->AddDevice(ACPI\ACPI0003\0) failed with status 0xc0000034
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\floppy.sys at F6731000 with 13 pages
(ntoskrnl/io/iomgr/driver.c:1629) '\Driver\FLOPPY' initialization failed, status (0xc000000e)
(ntoskrnl/io/iomgr/driver.c:61) Deleting driver object '\Driver\FLOPPY'
(ntoskrnl/io/iomgr/driver.c:2009) IopInitializeDriverModule() failed (Status c000000e)
(ntoskrnl/mm/ARM3/sysldr.c:937) Leaking driver: floppy.sys
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\cdrom.sys at F671D000 with 10 pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\fs_rec.sys at F6714000 with 9 pages
(lib/drivers/libusb/usb_device.cpp:844) Dumping Device Descriptor B235E470
(lib/drivers/libusb/usb_device.cpp:845) bLength 12
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\null.sys at F670D000 with 7 pages
(lib/drivers/libusb/usb_device.cpp:846) bDescriptorType 1
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\beep.sys at F6706000 with 7 pages
(lib/drivers/libusb/usb_device.cpp:847) bcdUSB 110
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\blue.sys at F66FE000 with 8 pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\vbemp.sys at F66F5000 with 9 pages
(lib/drivers/libusb/usb_device.cpp:848) bDeviceClass 0
(lib/drivers/libusb/usb_device.cpp:849) bDeviceSubClass 0
(lib/drivers/libusb/usb_device.cpp:850) bDeviceProtocol 0
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\npfs.sys at F66E3000 with 12 pages
(lib/drivers/libusb/usb_device.cpp:851) bMaxPacketSize0 8
(lib/drivers/libusb/usb_device.cpp:852) idVendor 80ee
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\msfs.sys at F66DC000 with 7 pages
(lib/drivers/libusb/usb_device.cpp:853) idProduct 21
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\ndisuio.sys at F66D2000 with a pages
(/srv/buildbot_cmake/full_cmake/build/drivers/network/ndis/ndis/protocol.c:981)(ndisBindMiniportsToProtocol) Performing global bind for protocol 'NDISUIO'
(/srv/buildbot_cmake/full_cmake/build/drivers/network/ndis/ndis/protocol.c:1077)(ndisBindMiniportsToProtocol) NDISUIO's BindAdapter handler returned 0x0 for \Device\{c0ea3216-3067-4d7c-b906-dd73545155fa}
(drivers/network/ndisuio/main.c:101) NDISUIO: Loaded
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\tcpip.sys at F669C000 with 36 pages
(lib/drivers/libusb/usb_device.cpp:854) bcdDevice 100
(lib/drivers/libusb/usb_device.cpp:855) iManufacturer 1
(/srv/buildbot_cmake/full_cmake/build/drivers/network/ndis/ndis/protocol.c:988)(ndisBindMiniportsToProtocol) Performing standard bind for protocol 'TCPIP'
NDIS_STATUS_MEDIA_CONNECT
(/srv/buildbot_cmake/full_cmake/build/drivers/network/ndis/ndis/protocol.c:1077)(ndisBindMiniportsToProtocol) TCPIP's BindAdapter handler returned 0x0 for \Device\{c0ea3216-3067-4d7c-b906-dd73545155fa}
Unhandled event type: 6
(lib/drivers/libusb/usb_device.cpp:856) iProduct 3
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\afd.sys at F667D000 with 1b pages
(lib/drivers/libusb/usb_device.cpp:857) iSerialNumber 0
(lib/drivers/libusb/usb_device.cpp:858) bNumConfigurations 1
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\VBoxSF.sys at F663B000 with 42 pages
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\system32\drivers\ksecdd.sys' with status 0xc0000034
(ntoskrnl/mm/ARM3/sysldr.c:3007) ZwOpenFile failed for '\SystemRoot\system32\drivers\drivers\ksecdd.sys' with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:1229) Failed to load dependency: \SystemRoot\system32\drivers\drivers\ksecdd.sys
(ntoskrnl/mm/ARM3/sysldr.c:3227) MiResolveImageReferences failed with status 0xc000003a
(ntoskrnl/mm/ARM3/sysldr.c:3229) Missing driver '\SystemRoot\system32\drivers\drivers\ksecdd.sys', missing API '(null)'
(ntoskrnl/io/iomgr/file.c:438) Using IopParseDevice() hack. Requested invalid attributes: 1
(drivers/bus/acpi/main.c:273) Fixed power button reported to power manager
(drivers/bus/acpi/main.c:278) Fixed sleep button reported to power manager
(ntoskrnl/ex/init.c:1959) Free non-cache pages: 3c76c
WARNING: RtlCreateTagHeap at lib/rtl/heap.c:3855 is UNIMPLEMENTED!
(lib/drivers/libusb/usb_device.cpp:865) Dumping ConfigurationDescriptor B233B000
(lib/drivers/libusb/usb_device.cpp:866) bLength 9
(lib/drivers/libusb/usb_device.cpp:867) bDescriptorType 2
(lib/drivers/libusb/usb_device.cpp:868) wTotalLength 22
(lib/drivers/libusb/usb_device.cpp:869) bNumInterfaces 1
(lib/drivers/libusb/usb_device.cpp:870) bConfigurationValue 1
(lib/drivers/libusb/usb_device.cpp:871) iConfiguration 0
(lib/drivers/libusb/usb_device.cpp:872) bmAttributes 80
(lib/drivers/libusb/usb_device.cpp:873) MaxPower 32
(drivers/usb/usbhub/fdo.c:782) IsCompositeDevice bNumInterfaces 1
(drivers/usb/usbhub/fdo.c:688) StringDesc->bLength 22
(lib/drivers/libusb/hub_controller.cpp:314) [USBOHCI] SCE Request B2417A50 TransferBufferLength 32 Flags 3 MDL 00000000
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 0: Status 3, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 1: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 2: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 3: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 4: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 5: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 6: Status 0, Change 0
(lib/drivers/libusb/hub_controller.cpp:325) [USBOHCI] Port 7: Status 0, Change 0
(drivers/usb/usbhub/pdo.c:540) USB Tablet
(drivers/usb/usbhub/pdo.c:540) USB Tablet
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\hidusb.sys at F6620000 with 9 pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\hidclass.sys at F6614000 with c pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\hidparse.sys at F6608000 with c pages
(drivers/usb/usbhub/pdo.c:746) PDO IRP_MJ_PNP / unknown minor function 0xd
WARNING: USBHUB_PdoStartDevice at drivers/usb/usbhub/pdo.c:415 is UNIMPLEMENTED!
(drivers/usb/usbohci/usb_queue.cpp:667) URB failed with status 0xc0000004
(drivers/usb/usbohci/usb_request.cpp:1831) OHCI_TD_CONDITION_STALL detected in TransferDescriptor TransferDescriptor F68073E0
(lib/drivers/libusb/hub_controller.cpp:2166) [USBOHCI] URB_FUNCTION_CLASS_INTERFACE failed with Urb Status 0
(drivers/hid/hidusb/hidusb.c:1416) Status c0000001
(drivers/usb/usbhub/pdo.c:287) IOCTL_INTERNAL_USB_SUBMIT_URB Function 28 NOT IMPLEMENTED
(drivers/usb/usbhub/pdo.c:746) PDO IRP_MJ_PNP / unknown minor function 0x14
(ntoskrnl/io/pnpmgr/pnpmgr.c:4032) IRP_MN_QUERY_PNP_DEVICE_STATE failed with status 0xc00000bb
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\drivers\mouhid.sys at F6600000 with 8 pages
(drivers/hid/hidclass/hidclass.c:161) [HIDCLASS] PnP HACK
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\system32\drivers\cdfs.sys at F65EA000 with c pages
(base/system/smss/pagefile.c:909) SMSS:PFILE: Volume `\??\D:\' (3) cannot store a paging file
Boot took 14506779282 cycles!
Interrupts: 865 System Calls: 16038 Context Switches: 443
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB22020D0, 0) is UNIMPLEMENTED!
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB22123D8, 0) is UNIMPLEMENTED!
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB22131E8, 0) is UNIMPLEMENTED!
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB22113D8, 0) is UNIMPLEMENTED!
(ntoskrnl/mm/ARM3/session.c:795) Session 0 is ready to go: 0xBF7F0000 0xF65FA000, 3ff88 0xB220F008
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\win32k.sys at F6495000 with 145 pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\ftfd.dll at F6413000 with 82 pages
(subsystems/win32/csrsrv/init.c:579) Name=ObjectDirectory, Value=\Windows
(subsystems/win32/csrsrv/init.c:579) Name=SharedSection, Value=1024,12288,512
(subsystems/win32/csrsrv/init.c:579) Name=Windows, Value=On
(subsystems/win32/csrsrv/init.c:579) Name=SubSystemType, Value=Windows
(subsystems/win32/csrsrv/init.c:579) Name=ServerDll, Value=basesrv,1
(subsystems/win32/csrsrv/init.c:579) Name=ServerDll, Value=winsrv:UserServerDllInitialization,3
(win32ss/user/ntuser/sysparams.c:1578) err: UserSystemParametersInfo called without active window station.
(win32ss/user/winsrv/init.c:51) WINSRV - HACK: Use keyboard hook hack
(win32ss/user/ntuser/winsta.c:223) err: Invalid window station handle
(win32ss/user/ntuser/ntuser.c:163) err: Enter NtUserInitialize(0, 00000000, 00000000)
(win32ss/user/ntuser/display.c:79) err: InitDisplayDriver(\Device\Video0, \Registry\Machine\System\CurrentControlSet\Services\VBOXVIDEO\Device0);
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\VBoxDisp.dll at F63EC000 with 17 pages
err:(win32ss/user/user32/misc/dllmain.c:390) ClientThreadSetup
fixme:(win32ss/user/user32/misc/dllmain.c:253) ClientThreadSetup is UNIMPLEMENTED!
(subsystems/win32/csrsrv/init.c:579) Name=ServerDll, Value=winsrv:ConServerDllInitialization,2
(subsystems/win32/csrsrv/init.c:579) Name=ProfileControl, Value=Off
(subsystems/win32/csrsrv/init.c:579) Name=MaxRequestThreads, Value=16
(win32ss/user/ntuser/keyboard.c:202) err: NtDeviceIoControlFile() failed, ignored
(win32ss/user/ntuser/keyboard.c:207) err: Keyboard type 4, subtype 0 and number of func keys 12
(win32ss/user/ntuser/hotkey.c:55) err: Start up the debugger hotkeys!! Should see this once!
fixme:(win32ss/user/user32/misc/dllmain.c:253) ClientThreadSetup is UNIMPLEMENTED!
(win32ss/user/ntuser/hook.c:1093) err: Kill Thread Hooks pti B1FD05B8 pdo 00000000
fixme:(win32ss/user/user32/misc/dllmain.c:253) ClientThreadSetup is UNIMPLEMENTED!
(win32ss/user/ntuser/sysparams.c:1578) err: UserSystemParametersInfo called without active window station.
(win32ss/user/ntuser/desktop.c:1970) err: Attempted to change thread desktop although the thread has windows!
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \SystemRoot\System32\kbdus.dll at F63C7000 with 5 pages
(win32ss/gdi/eng/mouse.c:731) Failed to lock the DC.
(win32ss/gdi/eng/mouse.c:731) Failed to lock the DC.
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x90003, desired 0x190003 (generic mapping B267A0B0).
(win32ss/gdi/eng/mouse.c:731) Failed to lock the DC.
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x90003, desired 0x190003 (generic mapping B267A0B0).
(win32ss/gdi/eng/mouse.c:731) Failed to lock the DC.
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x90003, desired 0x190003 (generic mapping B267A0B0).
(win32ss/user/ntuser/desktop.c:472) err: Got handle: 000003CC
(win32ss/user/ntuser/desktop.c:1970) err: Attempted to change thread desktop although the thread has windows!
err:(win32ss/user/user32/windows/window.c:346) CreateWindowExA RegisterSystemControls
Boot took 15217749302 cycles!
Interrupts: 1529 System Calls: 21460 Context Switches: 1979
(win32ss/user/ntuser/desktop.c:525) err: ptiLastInput is CLEARED!!
(win32ss/user/ntuser/msgqueue.c:2058) err: DereferenceObject pCursor
(lib/lsalib/lsa.c:312) LsaRegisterLogonProcess()
err:(dll/win32/lsasrv/lsarpc.c:1136) LsapOpenDbObject failed (Status 0xc0000034)
err:(dll/win32/lsasrv/lsarpc.c:1136) LsapOpenDbObject failed (Status 0xc0000034)
err:(dll/win32/lsasrv/lsarpc.c:1136) LsapOpenDbObject failed (Status 0xc0000034)
err:(dll/win32/lsasrv/lsarpc.c:1136) LsapOpenDbObject failed (Status 0xc0000034)
(base/system/services/rpcserver.c:1731) RNotifyBootConfigStatus(00000000 1) called
(ntoskrnl/mm/ARM3/section.c:1940) Warning, not handling dirty bit
(ntoskrnl/mm/ARM3/section.c:1940) Warning, not handling dirty bit
WARNING: MmSecureVirtualMemory at ntoskrnl/mm/ARM3/virtual.c:2588 is UNIMPLEMENTED!
WARNING: MmUnsecureVirtualMemory at ntoskrnl/mm/ARM3/virtual.c:2599 is UNIMPLEMENTED!
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB1F0A008, 0) is UNIMPLEMENTED!
Boot took 15482051474 cycles!
Interrupts: 1667 System Calls: 35892 Context Switches: 2880
fixme:(dll/win32/rpcrt4/rpc_server.c:1670) (0x1000): stub
[SVCHOST] 134.154: GetProcAddress (SvchostPushServiceGlobals) failed on DLL c:\reactos\system32\dhcpcsvc.dll. Error 127.
(dll/win32/kernel32/client/proc.c:4038) Current directory: C:\ReactOS
(win32ss/user/ntuser/desktop.c:1970) err: Attempted to change thread desktop although the thread has windows!
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100000 (generic mapping B267A0B0).
(win32ss/user/ntuser/desktop.c:525) err: ptiLastInput is CLEARED!!
(win32ss/user/ntuser/sysparams.c:660) err: UserLoadImage failed
DHCPCSVC: Adapter Name: [{c0ea3216-3067-4d7c-b906-dd73545155fa}] (dynamic)
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(lib/rtl/actctx.c:1396) Unsupported yet language attribute ((null))
(base/services/umpnpmgr/umpnpmgr.c:2855) Installing: PCI\VEN_8086&DEV_2415&SUBSYS_00008086&REV_01\3&609b8881&05
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(base/services/umpnpmgr/umpnpmgr.c:2964) Success? 0
err:(win32ss/user/user32/misc/dde.c:886) instance created - checking validity
err:(win32ss/user/user32/misc/dde.c:891) new instance, callback 7654BA80 flags 14000
err:(win32ss/user/user32/misc/dde.c:910) First application instance detected OK
err:(win32ss/user/user32/misc/dde.c:991) New application instance processing finished OK
fixme:(dll/win32/ole32/stubmanager.c:629) No interface for iid {00000019-0000-0000-c000-000000000046}
(win32ss/user/ntuser/winpos.c:1396) err: Window is HWND_BOTTOM
err:(dll/win32/comctl32/toolbar.c:6773) unknown msg 0466 wp=00000000 lp=0022ec5c
Using shell hooks for notification of shell events.
WARNING: BackupRead at dll/win32/kernel32/client/file/backup.c:33 is UNIMPLEMENTED!
WARNING: BackupRead at dll/win32/kernel32/client/file/backup.c:33 is UNIMPLEMENTED!
WARNING: BackupRead at dll/win32/kernel32/client/file/backup.c:33 is UNIMPLEMENTED!
(ntoskrnl/mm/ARM3/section.c:1940) Warning, not handling dirty bit
(ntoskrnl/mm/ARM3/section.c:1940) Warning, not handling dirty bit
(win32ss/user/ntuser/input.c:606) err: Enter NtUserAttachThreadInput TRUE
(win32ss/user/ntuser/input.c:478) err: Attach Allocated! ptiFrom 0xB1E72008 ptiTo 0xB1E82458 paiCount 1
(win32ss/user/ntuser/input.c:488) err: ptiTo is Foreground
(win32ss/user/ntuser/input.c:510) err: ptiFrom NOT Foreground
(win32ss/user/ntuser/input.c:518) err: ptiTo S Share count 2
(win32ss/user/ntuser/input.c:627) err: Leave NtUserAttachThreadInput, ret=1
(win32ss/user/ntuser/input.c:606) err: Enter NtUserAttachThreadInput FALSE
(win32ss/user/ntuser/input.c:553) err: Attach Free! ptiFrom 0xB1E72008 ptiTo 0xB1E82458 paiCount 0
(win32ss/user/ntuser/input.c:564) err: ptiTo E Share count 1
(win32ss/user/ntuser/input.c:627) err: Leave NtUserAttachThreadInput, ret=1
fixme:(dll/win32/wtsapi32/wtsapi32.c:266) Stub 000900D2 0x00000000
fixme:(dll/win32/wtsapi32/wtsapi32.c:209) Stub 00000000 0xffffffff 8 0012FED4 0012FEDC
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name C:\ReactOS\System32\VBoxHook.dll (10000000 -> 00B30000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\ReactOS\System32\VBoxMRXNP.dll
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(ntoskrnl/ex/init.c:2001) Free non-cache pages: 3b081
(ntoskrnl/mm/ARM3/zeropage.c:50) Free non-cache pages: 3b2c2
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(win32ss/user/ntuser/focus.c:576) err: Mouse Active
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(win32ss/user/ntuser/focus.c:576) err: Mouse Active
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(win32ss/user/ntuser/focus.c:576) err: Mouse Active
(win32ss/user/ntuser/focus.c:576) err: Mouse Active
err:(dll/win32/comctl32/commctrl.c:1756) GdiAlphaBlend failed: 5
(win32ss/user/ntuser/focus.c:576) err: Mouse Active
err:(dll/win32/comctl32/commctrl.c:1756) GdiAlphaBlend failed: 5
err:(dll/win32/comctl32/commctrl.c:1756) GdiAlphaBlend failed: 5
(win32ss/user/ntuser/focus.c:576) err: Mouse Active
MainFrameBase::OpenShellFolders(): parent_pidl=C:\Documents and Settings\Administrator\Desktop
fixme:(dll/win32/shell32/shlexec.cpp:1780) flags ignored: 0x00004000
(dll/win32/kernel32/client/proc.c:4038) Current directory: C:\Program Files\Malwarebytes Anti-Malware
err:(dll/win32/comctl32/commctrl.c:1756) GdiAlphaBlend failed: 5
(lib/rtl/actctx.c:2396) unknown element trustInfo
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name mbamcore.dll (10000000 -> 00130000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\Program Files\Malwarebytes Anti-Malware\mbam.dll
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name mbamsrv.dll (10000000 -> 014B0000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\Program Files\Malwarebytes Anti-Malware\mbam.dll
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name C:\ReactOS\System32\VBoxMRXNP.dll (10000000 -> 01E90000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\Program Files\Malwarebytes Anti-Malware\mbam.dll
(ntoskrnl/mm/ARM3/section.c:1940) Warning, not handling dirty bit
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100400 (generic mapping B267E950).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100410 (generic mapping B267E950).
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name C:\Program Files\Malwarebytes Anti-Malware\imageformats\qgif4.dll (10000000 -> 0A830000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\Program Files\Malwarebytes Anti-Malware\mbam.dll
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name C:\Program Files\Malwarebytes Anti-Malware\imageformats\qgif4.dll (10000000 -> 0A830000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\Program Files\Malwarebytes Anti-Malware\mbam.dll
(ntoskrnl/ex/work.c:741) Requesting a new thread. CurrentCount: 0. MaxCount: 1
(ntoskrnl/ex/work.c:397) EX: Creating new dynamic thread as requested
(ntoskrnl/ex/work.c:741) Requesting a new thread. CurrentCount: 0. MaxCount: 1
(ntoskrnl/ex/work.c:397) EX: Creating new dynamic thread as requested
fixme:(dll/win32/dwmapi/dwmapi_main.c:64) 014AF798
fixme:(dll/win32/shell32/shell32_main.cpp:558) SHGFI_OVERLAYINDEX unhandled
(ntoskrnl/io/iomgr/file.c:438) Using IopParseDevice() hack. Requested invalid attributes: 9
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
fixme:(dll/win32/shell32/shell32_main.cpp:558) SHGFI_OVERLAYINDEX unhandled
fixme:(dll/win32/shell32/shell32_main.cpp:558) SHGFI_OVERLAYINDEX unhandled
fixme:(dll/win32/shell32/shell32_main.cpp:558) SHGFI_OVERLAYINDEX unhandled
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
err:(win32ss/user/user32/misc/dllmain.c:422) hIconSmWindows 00050108 hIconWindows 0004010E
(win32ss/user/ntuser/callback.c:1087) err: hIconSmWindows 00050108 hIconWindows 0004010E
(ntoskrnl/ex/work.c:741) Requesting a new thread. CurrentCount: 0. MaxCount: 1
(ntoskrnl/ex/work.c:397) EX: Creating new dynamic thread as requested
(ntoskrnl/ex/work.c:741) Requesting a new thread. CurrentCount: 0. MaxCount: 1
(ntoskrnl/ex/work.c:397) EX: Creating new dynamic thread as requested
(ntoskrnl/ex/work.c:741) Requesting a new thread. CurrentCount: 0. MaxCount: 1
(ntoskrnl/ex/work.c:397) EX: Creating new dynamic thread as requested
(ntoskrnl/ex/work.c:741) Requesting a new thread. CurrentCount: 0. MaxCount: 1
(ntoskrnl/ex/work.c:397) EX: Creating new dynamic thread as requested
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100000 (generic mapping B267A0B0).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100000 (generic mapping B267A0B0).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \??\C:\ReactOS\System32\drivers\MBAMSwissArmy.sys at F5184000 with 1e pages
(ntoskrnl/mm/ARM3/sysldr.c:174) Loading: \??\C:\ReactOS\System32\drivers\CLASSPNP.SYS at F5154000 with 30 pages
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100000 (generic mapping B267A0B0).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
fixme:(dll/win32/wtsapi32/wtsapi32.c:147) Stub 00000000 0x00000000 0x00000001 0CAED644 0CAED640
fixme:(dll/win32/wtsapi32/wtsapi32.c:164) Stub 00000000
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(lib/rtl/path.c:670) RtlQueryEnvironmentVariable_U returned 0xc0000100
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(dll/ntdll/ldr/ldrutils.c:1323) LDR: LdrpMapDll Relocating Image Name C:\Program Files\Malwarebytes Anti-Malware\7z.dll (10000000 -> 08B00000)
(dll/ntdll/ldr/ldrutils.c:1362) Overlapping DLL: C:\Program Files\Malwarebytes Anti-Malware\mbam.dll
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(dll/win32/wshtcpip/wshtcpip.c:701) Set: TCP_NODELAY not yet supported
TCP operation failed: 0xc0000128 (-12)
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/config/cmcheck.c:25) CmCheckRegistry(0xB1DA6008, 0) is UNIMPLEMENTED!
MSAFD: Get unknown optname 1006
TCP operation failed: 0xc0000128 (-12)
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x100089, desired 0x10019b (generic mapping 8097C840).
MSAFD: Get unknown optname 1006
TCP operation failed: 0xc0000128 (-12)
(win32ss/user/ntuser/msgqueue.c:1390) err: Not the same cursor!
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
(win32ss/user/ntuser/msgqueue.c:1390) err: Not the same cursor!
(win32ss/user/ntuser/msgqueue.c:1390) err: Not the same cursor!
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
(ntoskrnl/se/accesschk.c:271) HACK: Should deny access for caller: granted 0x0, desired 0x100000 (generic mapping B267A0B0).
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: LsaEnumerateLogonSessions at lib/lsalib/lsa.c:366 is UNIMPLEMENTED!
WARNING: WSHIoctl at dll/win32/wshtcpip/wshtcpip.c:342 is UNIMPLEMENTED!
(dll/win32/wshtcpip/wshtcpip.c:344) Ioctl: Unknown IOCTL code: 1074033791
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
WARNING: NtUnloadKey2 at ntoskrnl/config/ntapi.c:1394 is UNIMPLEMENTED!
(ntoskrnl/io/iomgr/file.c:438) Using IopParseDevice() hack. Requested invalid attributes: 116
Assertion 'CellBlock < RegistryHive->Storage[CellType].Length' failed at /srv/buildbot_cmake/full_cmake/build/lib/cmlib/hivecell.c line 32
[7h
Entered debugger on embedded INT3 at 0x0008:0x809590e2.
kdb:> Re: Malwarebytes' Anti-Malware on ROS
Two things:
1) Could you look at the Putty log and notice the moment before you start the app (or even better, before you start the scan)? Any log lines before that moment don't need to be included - they are only confusing, because they're not directly related.
2) If you get the exception and you are stuck with "kdb>", type "bt" into the frozen ReactOS and press ENTER. That will provide very useful info to the devs (more info gets into Putty).
Otherwise yeah, according to the log there is some issue in the registry part which causes the BSOD (and also there's the unimplemented function).
1) Could you look at the Putty log and notice the moment before you start the app (or even better, before you start the scan)? Any log lines before that moment don't need to be included - they are only confusing, because they're not directly related.
2) If you get the exception and you are stuck with "kdb>", type "bt" into the frozen ReactOS and press ENTER. That will provide very useful info to the devs (more info gets into Putty).
Otherwise yeah, according to the log there is some issue in the registry part which causes the BSOD (and also there's the unimplemented function).
Who is online
Users browsing this forum: DotBot [Crawler] and 12 guests