VolExplorer not working with Volatility2 #1

Open
@asterictnl-lvdw

No handlers could be found for logger "volatility.debug"
GL & HF <3 ATZ

```
Traceback (most recent call last):
  File ".\volexp.py", line 15211, in <module>
    main()
  File ".\volexp.py", line 15203, in main
    my_ve.render_text(None, ve_calc, root)
  File ".\volexp.py", line 13562, in render_text
    for process, pid, ppid, cpu, pb, ws, Description, cn, dep, aslr, cfg, protection, isDebug, Prefetch, threads, handles, un, session, noh, sc, pfc, di, it, cs, winStatus, integrity, priority, ct, cycles, wsp, ppd, pwss, vs, pvs, createT, intName, ofn, wt, cl, path, cd, version, e_proc in data:
  File ".\volexp.py", line 13471, in calculate
    if int(self.kaddr_space.profile.metadata.get('major')) > 5 and int(self.kaddr_space.profile.metadata.get('minor')) > 1 and e_proc.Protection.Type > 0: #e_proc.Protection.Type==1: PsProtectionSingUntyMalwareLight, if 2 then is stronget and if 0 then no protection:###e_proc.Flag2&0x800 6.0-6.1#find protected process # _proc.Protection.Type==1: PsProtectionSingUntyMalwareLight, if 2 then is stronget and if 0 then no protection ###e_proc.Flag2&0x800 6.0-6.1and hasattr(e_proc, "Protection")
  File "C:\volatility\V2Exp\volatility\obj.py", line 751, in __getattr__
    return self.m(attr)
  File "C:\volatility\V2Exp\volatility\obj.py", line 733, in m
    raise AttributeError("Struct {0} has no member {1}".format(self.obj_name, attr))
AttributeError: Struct _EPROCESS has no member Protection
```

Then the LoadScreen keeps looping and nothing happens.

~ LvdW

What I did is install the following packages:
distorm3
yara
pycrypto
pillow
openpyxl
pytz
ipython
capstone
ujson==1.35
tkkthemes

Let me know if I am doing something wrong.

I have tried with both the .exe and the normal .py to run it, same results.
