VirtualBox

Ticket #13187: VBoxStartup.9.log

File VBoxStartup.9.log, 27.6 KB (added by Oorgo, 10 years ago)

VboxStartup Win7x64

Line 
11e5c.1e60: Log file opened: 4.3.20r96997 g_hStartupLog=00000000000000b0 g_uNtVerCombined=0x611db110
21e5c.1e60: \SystemRoot\System32\ntdll.dll:
31e5c.1e60: CreationTime: 2013-09-16T15:34:34.533643000Z
41e5c.1e60: LastWriteTime: 2013-08-02T02:15:44.087554100Z
51e5c.1e60: ChangeTime: 2013-09-16T15:43:39.516643000Z
61e5c.1e60: FileAttributes: 0x20
71e5c.1e60: Size: 0x1a6dc0
81e5c.1e60: NT Headers: 0xe0
91e5c.1e60: Timestamp: 0x51fb164a
101e5c.1e60: Machine: 0x8664 - amd64
111e5c.1e60: Timestamp: 0x51fb164a
121e5c.1e60: Image Version: 6.1
131e5c.1e60: SizeOfImage: 0x1a9000 (1740800)
141e5c.1e60: Resource Dir: 0x151000 LB 0x560d8
151e5c.1e60: ProductName: Microsoft® Windows® Operating System
161e5c.1e60: ProductVersion: 6.1.7601.18229
171e5c.1e60: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
181e5c.1e60: FileDescription: NT Layer DLL
191e5c.1e60: \SystemRoot\System32\kernel32.dll:
201e5c.1e60: CreationTime: 2014-04-09T15:09:24.262654000Z
211e5c.1e60: LastWriteTime: 2014-03-04T09:44:00.336000000Z
221e5c.1e60: ChangeTime: 2014-04-09T15:10:54.374172700Z
231e5c.1e60: FileAttributes: 0x20
241e5c.1e60: Size: 0x11c000
251e5c.1e60: NT Headers: 0xe8
261e5c.1e60: Timestamp: 0x5315a059
271e5c.1e60: Machine: 0x8664 - amd64
281e5c.1e60: Timestamp: 0x5315a059
291e5c.1e60: Image Version: 6.1
301e5c.1e60: SizeOfImage: 0x11f000 (1175552)
311e5c.1e60: Resource Dir: 0x116000 LB 0x528
321e5c.1e60: ProductName: Microsoft® Windows® Operating System
331e5c.1e60: ProductVersion: 6.1.7601.18409
341e5c.1e60: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
351e5c.1e60: FileDescription: Windows NT BASE API Client DLL
361e5c.1e60: \SystemRoot\System32\KernelBase.dll:
371e5c.1e60: CreationTime: 2014-05-17T11:02:43.375841900Z
381e5c.1e60: LastWriteTime: 2014-03-04T09:44:00.336000000Z
391e5c.1e60: ChangeTime: 2014-05-20T21:38:26.784404100Z
401e5c.1e60: FileAttributes: 0x20
411e5c.1e60: Size: 0x67c00
421e5c.1e60: NT Headers: 0xe8
431e5c.1e60: Timestamp: 0x5315a05a
441e5c.1e60: Machine: 0x8664 - amd64
451e5c.1e60: Timestamp: 0x5315a05a
461e5c.1e60: Image Version: 6.1
471e5c.1e60: SizeOfImage: 0x6c000 (442368)
481e5c.1e60: Resource Dir: 0x6a000 LB 0x530
491e5c.1e60: ProductName: Microsoft® Windows® Operating System
501e5c.1e60: ProductVersion: 6.1.7601.18409
511e5c.1e60: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
521e5c.1e60: FileDescription: Windows NT BASE API Client DLL
531e5c.1e60: \SystemRoot\System32\apisetschema.dll:
541e5c.1e60: CreationTime: 2013-09-16T15:34:38.761143000Z
551e5c.1e60: LastWriteTime: 2013-08-02T02:12:20.275000000Z
561e5c.1e60: ChangeTime: 2013-09-16T15:43:39.498643000Z
571e5c.1e60: FileAttributes: 0x20
581e5c.1e60: Size: 0x1a00
591e5c.1e60: NT Headers: 0xc0
601e5c.1e60: Timestamp: 0x51fb15ca
611e5c.1e60: Machine: 0x8664 - amd64
621e5c.1e60: Timestamp: 0x51fb15ca
631e5c.1e60: Image Version: 6.1
641e5c.1e60: SizeOfImage: 0x50000 (327680)
651e5c.1e60: Resource Dir: 0x30000 LB 0x3f8
661e5c.1e60: ProductName: Microsoft® Windows® Operating System
671e5c.1e60: ProductVersion: 6.1.7601.18229
681e5c.1e60: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
691e5c.1e60: FileDescription: ApiSet Schema DLL
701e5c.1e60: Found driver SymNetS (0x2)
711e5c.1e60: Found driver SymDS (0x2)
721e5c.1e60: Found driver SRTSPX (0x2)
731e5c.1e60: Found driver SymEvent (0x2)
741e5c.1e60: Found driver SymIRON (0x2)
751e5c.1e60: supR3HardenedWinFindAdversaries: 0x2
761e5c.1e60: \SystemRoot\System32\drivers\SysPlant.sys:
771e5c.1e60: CreationTime: 2013-09-26T17:13:26.318103900Z
781e5c.1e60: LastWriteTime: 2013-09-26T17:13:26.324354000Z
791e5c.1e60: ChangeTime: 2013-09-26T17:13:26.324354000Z
801e5c.1e60: FileAttributes: 0x20
811e5c.1e60: Size: 0x26ef0
821e5c.1e60: NT Headers: 0xf8
831e5c.1e60: Timestamp: 0x51a0ec2d
841e5c.1e60: Machine: 0x8664 - amd64
851e5c.1e60: Timestamp: 0x51a0ec2d
861e5c.1e60: Image Version: 5.0
871e5c.1e60: SizeOfImage: 0x2f000 (192512)
881e5c.1e60: Resource Dir: 0x2d000 LB 0x490
891e5c.1e60: ProductName: Symantec CMC Firewall
901e5c.1e60: ProductVersion: 12.1.3001.165
911e5c.1e60: FileVersion: 12.1.3001.165
921e5c.1e60: FileDescription: Symantec CMC Firewall SysPlant
931e5c.1e60: \SystemRoot\System32\sysfer.dll:
941e5c.1e60: CreationTime: 2013-09-26T17:13:26.283103400Z
951e5c.1e60: LastWriteTime: 2013-09-26T17:13:26.291853500Z
961e5c.1e60: ChangeTime: 2013-09-26T17:13:26.291853500Z
971e5c.1e60: FileAttributes: 0x20
981e5c.1e60: Size: 0x70190
991e5c.1e60: NT Headers: 0xe8
1001e5c.1e60: Timestamp: 0x51a0ecb5
1011e5c.1e60: Machine: 0x8664 - amd64
1021e5c.1e60: Timestamp: 0x51a0ecb5
1031e5c.1e60: Image Version: 0.0
1041e5c.1e60: SizeOfImage: 0x87000 (552960)
1051e5c.1e60: Resource Dir: 0x85000 LB 0x628
1061e5c.1e60: ProductName: Symantec CMC Firewall
1071e5c.1e60: ProductVersion: 12.1.3001.165
1081e5c.1e60: FileVersion: 12.1.3001.165
1091e5c.1e60: FileDescription: Symantec CMC Firewall sysfer
1101e5c.1e60: \SystemRoot\System32\sysferThunk.dll:
1111e5c.1e60: CreationTime: 2013-09-26T17:13:26.299353600Z
1121e5c.1e60: LastWriteTime: 2013-09-26T17:13:26.306853700Z
1131e5c.1e60: ChangeTime: 2013-09-26T17:13:26.306853700Z
1141e5c.1e60: FileAttributes: 0x20
1151e5c.1e60: Size: 0x2f90
1161e5c.1e60: NT Headers: 0xd0
1171e5c.1e60: Timestamp: 0x51a0ecb6
1181e5c.1e60: Machine: 0x8664 - amd64
1191e5c.1e60: Timestamp: 0x51a0ecb6
1201e5c.1e60: Image Version: 0.0
1211e5c.1e60: SizeOfImage: 0x8000 (32768)
1221e5c.1e60: Resource Dir: 0x6000 LB 0x640
1231e5c.1e60: ProductName: Symantec CMC Firewall
1241e5c.1e60: ProductVersion: 12.1.3001.165
1251e5c.1e60: FileVersion: 12.1.3001.165
1261e5c.1e60: FileDescription: Symantec CMC Firewall SysferThunk
1271e5c.1e60: \SystemRoot\System32\drivers\symevent64x86.sys:
1281e5c.1e60: CreationTime: 2010-11-25T21:20:00.394390800Z
1291e5c.1e60: LastWriteTime: 2013-09-26T16:57:13.697194900Z
1301e5c.1e60: ChangeTime: 2013-09-26T16:57:13.697194900Z
1311e5c.1e60: FileAttributes: 0x20
1321e5c.1e60: Size: 0x2b4a0
1331e5c.1e60: NT Headers: 0xe8
1341e5c.1e60: Timestamp: 0x50346f1e
1351e5c.1e60: Machine: 0x8664 - amd64
1361e5c.1e60: Timestamp: 0x50346f1e
1371e5c.1e60: Image Version: 6.0
1381e5c.1e60: SizeOfImage: 0x38000 (229376)
1391e5c.1e60: Resource Dir: 0x36000 LB 0x3c8
1401e5c.1e60: ProductName: SYMEVENT
1411e5c.1e60: ProductVersion: 12.9.3.1
1421e5c.1e60: FileVersion: 12.9.3.1
1431e5c.1e60: FileDescription: Symantec Event Library
1441e5c.1e60: Calling main()
1451e5c.1e60: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1461e5c.1e60: SUPR3HardenedMain: Respawn #1
1471e5c.1e60: System32: \Device\HarddiskVolume2\Windows\System32
1481e5c.1e60: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
1491e5c.1e60: KnownDllPath: C:\Windows\system32
1501e5c.1e60: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1511e5c.1e60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1521e5c.1e60: supR3HardNtEnableThreadCreation:
1531e5c.1e60: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007798c340 pvNtTerminateThread=00000000779b17e0
1541e5c.1e60: supR3HardenedWinDoReSpawn(1): New child 1e64.1e68 [kernel32].
1551e5c.1e60: supR3HardNtChildGatherData: PebBaseAddress=000007fffffda000 cbPeb=0x380
1561e5c.1e60: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077960000 uNtDllChildAddr=0000000077960000
1571e5c.1e60: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007798c340
1581e5c.1e60: supR3HardenedWinSetupChildInit: Start child.
1591e5c.1e60: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 32 ms.
1601e5c.1e60: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
1611e5c.1e60: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1621e5c.1e60: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1631e5c.1e60: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1641e5c.1e60: *0000000000030000-0000000000027fff 0x0040/0x0040 0x0020000 !!
1651e5c.1e60: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000000030000 (0000000000030000 LB 0x8000)
1661e5c.1e60: 0000000000038000-000000000002ffff 0x0001/0x0000 0x0000000
1671e5c.1e60: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
1681e5c.1e60: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
1691e5c.1e60: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
1701e5c.1e60: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
1711e5c.1e60: *0000000000060000-000000000005efff 0x0004/0x0004 0x0020000
1721e5c.1e60: 0000000000061000-fffffffffffd1fff 0x0001/0x0000 0x0000000
1731e5c.1e60: *00000000000f0000-ffffffffffff3fff 0x0000/0x0004 0x0020000
1741e5c.1e60: 00000000001ec000-00000000001e8fff 0x0104/0x0004 0x0020000
1751e5c.1e60: 00000000001ef000-00000000001edfff 0x0004/0x0004 0x0020000
1761e5c.1e60: 00000000001f0000-ffffffff88a7ffff 0x0001/0x0000 0x0000000
1771e5c.1e60: *0000000077960000-000000007795efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1781e5c.1e60: 0000000077961000-000000007785efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1791e5c.1e60: 0000000077a63000-0000000077a33fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1801e5c.1e60: 0000000077a92000-0000000077a89fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1811e5c.1e60: 0000000077a9a000-0000000077a98fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1821e5c.1e60: 0000000077a9b000-0000000077a97fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1831e5c.1e60: 0000000077a9e000-0000000077a32fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1841e5c.1e60: 0000000077b09000-0000000070631fff 0x0001/0x0000 0x0000000
1851e5c.1e60: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1861e5c.1e60: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1871e5c.1e60: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1881e5c.1e60: 000000007fff0000-ffffffffc0f5ffff 0x0001/0x0000 0x0000000
1891e5c.1e60: *000000013f080000-000000013f07efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1901e5c.1e60: 000000013f081000-000000013effcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1911e5c.1e60: 000000013f105000-000000013f103fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1921e5c.1e60: 000000013f106000-000000013f0c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1931e5c.1e60: 000000013f143000-000000013f141fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1941e5c.1e60: 000000013f144000-000000013f142fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1951e5c.1e60: 000000013f145000-000000013f142fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1961e5c.1e60: 000000013f147000-000000013f145fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1971e5c.1e60: 000000013f148000-000000013f146fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1981e5c.1e60: 000000013f149000-000000013f144fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1991e5c.1e60: 000000013f14d000-000000013f113fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2001e5c.1e60: 000000013f186000-fffff8037e68bfff 0x0001/0x0000 0x0000000
2011e5c.1e60: *000007feffc80000-000007feffc7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2021e5c.1e60: 000007feffc81000-000007fdff951fff 0x0001/0x0000 0x0000000
2031e5c.1e60: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2041e5c.1e60: 000007fffffd3000-000007fffffcbfff 0x0001/0x0000 0x0000000
2051e5c.1e60: *000007fffffda000-000007fffffd8fff 0x0004/0x0004 0x0020000
2061e5c.1e60: 000007fffffdb000-000007fffffd7fff 0x0001/0x0000 0x0000000
2071e5c.1e60: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2081e5c.1e60: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2091e5c.1e60: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
2101e5c.1e60: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
2111e5c.1e60: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2121e5c.1e60: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
2131e5c.1e60: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
2141e5c.1e60: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x2 cPatchCount=0
2151e5c.1e60: supR3HardNtChildPurify: Startup delay kludge #1/1: 520 ms, 65 sleeps
2161e5c.1e60: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2171e5c.1e60: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2181e5c.1e60: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2191e5c.1e60: 0000000000030000-000000000001ffff 0x0001/0x0000 0x0000000
2201e5c.1e60: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
2211e5c.1e60: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
2221e5c.1e60: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
2231e5c.1e60: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
2241e5c.1e60: *0000000000060000-000000000005efff 0x0004/0x0004 0x0020000
2251e5c.1e60: 0000000000061000-fffffffffffd1fff 0x0001/0x0000 0x0000000
2261e5c.1e60: *00000000000f0000-ffffffffffff3fff 0x0000/0x0004 0x0020000
2271e5c.1e60: 00000000001ec000-00000000001e8fff 0x0104/0x0004 0x0020000
2281e5c.1e60: 00000000001ef000-00000000001edfff 0x0004/0x0004 0x0020000
2291e5c.1e60: 00000000001f0000-ffffffff88a7ffff 0x0001/0x0000 0x0000000
2301e5c.1e60: *0000000077960000-000000007795efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2311e5c.1e60: 0000000077961000-000000007785efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2321e5c.1e60: 0000000077a63000-0000000077a33fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2331e5c.1e60: 0000000077a92000-0000000077a89fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2341e5c.1e60: 0000000077a9a000-0000000077a98fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2351e5c.1e60: 0000000077a9b000-0000000077a99fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2361e5c.1e60: 0000000077a9c000-0000000077a99fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2371e5c.1e60: 0000000077a9e000-0000000077a32fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2381e5c.1e60: 0000000077b09000-0000000070631fff 0x0001/0x0000 0x0000000
2391e5c.1e60: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2401e5c.1e60: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2411e5c.1e60: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2421e5c.1e60: 000000007fff0000-ffffffffc0f5ffff 0x0001/0x0000 0x0000000
2431e5c.1e60: *000000013f080000-000000013f07efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2441e5c.1e60: 000000013f081000-000000013effcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2451e5c.1e60: 000000013f105000-000000013f103fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2461e5c.1e60: 000000013f106000-000000013f0c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2471e5c.1e60: 000000013f143000-000000013f138fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2481e5c.1e60: 000000013f14d000-000000013f113fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2491e5c.1e60: 000000013f186000-fffff8037e68bfff 0x0001/0x0000 0x0000000
2501e5c.1e60: *000007feffc80000-000007feffc7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2511e5c.1e60: 000007feffc81000-000007fdff951fff 0x0001/0x0000 0x0000000
2521e5c.1e60: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2531e5c.1e60: 000007fffffd3000-000007fffffcbfff 0x0001/0x0000 0x0000000
2541e5c.1e60: *000007fffffda000-000007fffffd8fff 0x0004/0x0004 0x0020000
2551e5c.1e60: 000007fffffdb000-000007fffffd7fff 0x0001/0x0000 0x0000000
2561e5c.1e60: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2571e5c.1e60: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2581e5c.1e60: supR3HardNtChildPurify: Done after 1081 ms and 1 fixes (loop #1).
2591e64.1e68: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
2601e64.1e68: supR3HardenedVmProcessInit: uNtDllAddr=0000000077960000
2611e5c.1e60: supR3HardNtEnableThreadCreation:
2621e64.1e68: ntdll.dll: timestamp 0x51fb164a (rc=VINF_SUCCESS)
2631e64.1e68: New simple heap: #1 00000000002f0000 LB 0x400000 (for 1740800 allocation)
2641e64.1e68: System32: \Device\HarddiskVolume2\Windows\System32
2651e64.1e68: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
2661e64.1e68: KnownDllPath: C:\Windows\system32
2671e64.1e68: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2681e64.1e68: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2691e64.1e68: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2701e64.1e68: Registered Dll notification callback with NTDLL.
2711e64.1e68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
2721e64.1e68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2731e64.1e68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2741e64.1e68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2751e64.1e68: supR3HardenedDllNotificationCallback: load 0000000077840000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
2761e64.1e68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2771e64.1e68: supR3HardenedDllNotificationCallback: load 000007fefd9d0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
2781e64.1e68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
2791e64.1e68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2801e64.1e68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077840000 'C:\Windows\system32\kernel32.dll'
2811e64.1e68: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007798c340 pvNtTerminateThread=00000000779b17e0
2821e5c.1e60: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 185 ms.
2831e64.1e68: \SystemRoot\System32\ntdll.dll:
2841e64.1e68: CreationTime: 2013-09-16T15:34:34.533643000Z
2851e64.1e68: LastWriteTime: 2013-08-02T02:15:44.087554100Z
2861e64.1e68: ChangeTime: 2013-09-16T15:43:39.516643000Z
2871e64.1e68: FileAttributes: 0x20
2881e64.1e68: Size: 0x1a6dc0
2891e64.1e68: NT Headers: 0xe0
2901e64.1e68: Timestamp: 0x51fb164a
2911e64.1e68: Machine: 0x8664 - amd64
2921e64.1e68: Timestamp: 0x51fb164a
2931e64.1e68: Image Version: 6.1
2941e64.1e68: SizeOfImage: 0x1a9000 (1740800)
2951e64.1e68: Resource Dir: 0x151000 LB 0x560d8
2961e64.1e68: ProductName: Microsoft® Windows® Operating System
2971e64.1e68: ProductVersion: 6.1.7601.18229
2981e64.1e68: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
2991e64.1e68: FileDescription: NT Layer DLL
3001e64.1e68: \SystemRoot\System32\kernel32.dll:
3011e64.1e68: CreationTime: 2014-04-09T15:09:24.262654000Z
3021e64.1e68: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3031e64.1e68: ChangeTime: 2014-04-09T15:10:54.374172700Z
3041e64.1e68: FileAttributes: 0x20
3051e64.1e68: Size: 0x11c000
3061e64.1e68: NT Headers: 0xe8
3071e64.1e68: Timestamp: 0x5315a059
3081e64.1e68: Machine: 0x8664 - amd64
3091e64.1e68: Timestamp: 0x5315a059
3101e64.1e68: Image Version: 6.1
3111e64.1e68: SizeOfImage: 0x11f000 (1175552)
3121e64.1e68: Resource Dir: 0x116000 LB 0x528
3131e64.1e68: ProductName: Microsoft® Windows® Operating System
3141e64.1e68: ProductVersion: 6.1.7601.18409
3151e64.1e68: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3161e64.1e68: FileDescription: Windows NT BASE API Client DLL
3171e64.1e68: \SystemRoot\System32\KernelBase.dll:
3181e64.1e68: CreationTime: 2014-05-17T11:02:43.375841900Z
3191e64.1e68: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3201e64.1e68: ChangeTime: 2014-05-20T21:38:26.784404100Z
3211e64.1e68: FileAttributes: 0x20
3221e64.1e68: Size: 0x67c00
3231e64.1e68: NT Headers: 0xe8
3241e64.1e68: Timestamp: 0x5315a05a
3251e64.1e68: Machine: 0x8664 - amd64
3261e64.1e68: Timestamp: 0x5315a05a
3271e64.1e68: Image Version: 6.1
3281e64.1e68: SizeOfImage: 0x6c000 (442368)
3291e64.1e68: Resource Dir: 0x6a000 LB 0x530
3301e64.1e68: ProductName: Microsoft® Windows® Operating System
3311e64.1e68: ProductVersion: 6.1.7601.18409
3321e64.1e68: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3331e64.1e68: FileDescription: Windows NT BASE API Client DLL
3341e64.1e68: \SystemRoot\System32\apisetschema.dll:
3351e64.1e68: CreationTime: 2013-09-16T15:34:38.761143000Z
3361e64.1e68: LastWriteTime: 2013-08-02T02:12:20.275000000Z
3371e64.1e68: ChangeTime: 2013-09-16T15:43:39.498643000Z
3381e64.1e68: FileAttributes: 0x20
3391e64.1e68: Size: 0x1a00
3401e64.1e68: NT Headers: 0xc0
3411e64.1e68: Timestamp: 0x51fb15ca
3421e64.1e68: Machine: 0x8664 - amd64
3431e64.1e68: Timestamp: 0x51fb15ca
3441e64.1e68: Image Version: 6.1
3451e64.1e68: SizeOfImage: 0x50000 (327680)
3461e64.1e68: Resource Dir: 0x30000 LB 0x3f8
3471e64.1e68: ProductName: Microsoft® Windows® Operating System
3481e64.1e68: ProductVersion: 6.1.7601.18229
3491e64.1e68: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3501e64.1e68: FileDescription: ApiSet Schema DLL
3511e64.1e68: Found driver SymNetS (0x2)
3521e64.1e68: Found driver SymDS (0x2)
3531e64.1e68: Found driver SRTSPX (0x2)
3541e64.1e68: Found driver SymEvent (0x2)
3551e64.1e68: Found driver SymIRON (0x2)
3561e64.1e68: supR3HardenedWinFindAdversaries: 0x2
3571e64.1e68: \SystemRoot\System32\drivers\SysPlant.sys:
3581e64.1e68: CreationTime: 2013-09-26T17:13:26.318103900Z
3591e64.1e68: LastWriteTime: 2013-09-26T17:13:26.324354000Z
3601e64.1e68: ChangeTime: 2013-09-26T17:13:26.324354000Z
3611e64.1e68: FileAttributes: 0x20
3621e64.1e68: Size: 0x26ef0
3631e64.1e68: NT Headers: 0xf8
3641e64.1e68: Timestamp: 0x51a0ec2d
3651e64.1e68: Machine: 0x8664 - amd64
3661e64.1e68: Timestamp: 0x51a0ec2d
3671e64.1e68: Image Version: 5.0
3681e64.1e68: SizeOfImage: 0x2f000 (192512)
3691e64.1e68: Resource Dir: 0x2d000 LB 0x490
3701e64.1e68: ProductName: Symantec CMC Firewall
3711e64.1e68: ProductVersion: 12.1.3001.165
3721e64.1e68: FileVersion: 12.1.3001.165
3731e64.1e68: FileDescription: Symantec CMC Firewall SysPlant
3741e64.1e68: \SystemRoot\System32\sysfer.dll:
3751e64.1e68: CreationTime: 2013-09-26T17:13:26.283103400Z
3761e64.1e68: LastWriteTime: 2013-09-26T17:13:26.291853500Z
3771e64.1e68: ChangeTime: 2013-09-26T17:13:26.291853500Z
3781e64.1e68: FileAttributes: 0x20
3791e64.1e68: Size: 0x70190
3801e64.1e68: NT Headers: 0xe8
3811e64.1e68: Timestamp: 0x51a0ecb5
3821e64.1e68: Machine: 0x8664 - amd64
3831e64.1e68: Timestamp: 0x51a0ecb5
3841e64.1e68: Image Version: 0.0
3851e64.1e68: SizeOfImage: 0x87000 (552960)
3861e64.1e68: Resource Dir: 0x85000 LB 0x628
3871e64.1e68: ProductName: Symantec CMC Firewall
3881e64.1e68: ProductVersion: 12.1.3001.165
3891e64.1e68: FileVersion: 12.1.3001.165
3901e64.1e68: FileDescription: Symantec CMC Firewall sysfer
3911e64.1e68: \SystemRoot\System32\sysferThunk.dll:
3921e64.1e68: CreationTime: 2013-09-26T17:13:26.299353600Z
3931e64.1e68: LastWriteTime: 2013-09-26T17:13:26.306853700Z
3941e64.1e68: ChangeTime: 2013-09-26T17:13:26.306853700Z
3951e64.1e68: FileAttributes: 0x20
3961e64.1e68: Size: 0x2f90
3971e64.1e68: NT Headers: 0xd0
3981e64.1e68: Timestamp: 0x51a0ecb6
3991e64.1e68: Machine: 0x8664 - amd64
4001e64.1e68: Timestamp: 0x51a0ecb6
4011e64.1e68: Image Version: 0.0
4021e64.1e68: SizeOfImage: 0x8000 (32768)
4031e64.1e68: Resource Dir: 0x6000 LB 0x640
4041e64.1e68: ProductName: Symantec CMC Firewall
4051e64.1e68: ProductVersion: 12.1.3001.165
4061e64.1e68: FileVersion: 12.1.3001.165
4071e64.1e68: FileDescription: Symantec CMC Firewall SysferThunk
4081e64.1e68: \SystemRoot\System32\drivers\symevent64x86.sys:
4091e64.1e68: CreationTime: 2010-11-25T21:20:00.394390800Z
4101e64.1e68: LastWriteTime: 2013-09-26T16:57:13.697194900Z
4111e64.1e68: ChangeTime: 2013-09-26T16:57:13.697194900Z
4121e64.1e68: FileAttributes: 0x20
4131e64.1e68: Size: 0x2b4a0
4141e64.1e68: NT Headers: 0xe8
4151e64.1e68: Timestamp: 0x50346f1e
4161e64.1e68: Machine: 0x8664 - amd64
4171e64.1e68: Timestamp: 0x50346f1e
4181e64.1e68: Image Version: 6.0
4191e64.1e68: SizeOfImage: 0x38000 (229376)
4201e64.1e68: Resource Dir: 0x36000 LB 0x3c8
4211e64.1e68: ProductName: SYMEVENT
4221e64.1e68: ProductVersion: 12.9.3.1
4231e64.1e68: FileVersion: 12.9.3.1
4241e64.1e68: FileDescription: Symantec Event Library
4251e64.1e68: Calling main()
4261e64.1e68: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4271e64.1e68: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4281e64.1e68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4291e64.1e68: SUPR3HardenedMain: Respawn #2
4301e64.1e68: supR3HardNtEnableThreadCreation:
4311e64.1e68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
4321e64.1e68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
4331e64.1e68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4341e64.1e68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4351e64.1e68: supR3HardenedDllNotificationCallback: load 000007fefd5e0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
4361e64.1e68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4371e64.1e68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5e0000 'C:\Windows\system32\apphelp.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy