VirtualBox

Ticket #13187: VBoxStartup8.log

File VBoxStartup8.log, 40.3 KB (added by Benjamin, 10 years ago)

vm failed to start 4.3.20

Line 
1235c.2360: Log file opened: 4.3.20r96997 g_hStartupLog=00000000000000b0 g_uNtVerCombined=0x611db110
2235c.2360: \SystemRoot\System32\ntdll.dll:
3235c.2360: CreationTime: 2013-10-15T08:52:37.951647100Z
4235c.2360: LastWriteTime: 2013-10-15T08:52:37.951647100Z
5235c.2360: ChangeTime: 2014-01-21T11:22:29.206781100Z
6235c.2360: FileAttributes: 0x20
7235c.2360: Size: 0x1a6dc0
8235c.2360: NT Headers: 0xe0
9235c.2360: Timestamp: 0x521eaf24
10235c.2360: Machine: 0x8664 - amd64
11235c.2360: Timestamp: 0x521eaf24
12235c.2360: Image Version: 6.1
13235c.2360: SizeOfImage: 0x1a9000 (1740800)
14235c.2360: Resource Dir: 0x151000 LB 0x560d8
15235c.2360: ProductName: Microsoft® Windows® Operating System
16235c.2360: ProductVersion: 6.1.7601.18247
17235c.2360: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
18235c.2360: FileDescription: NT Layer DLL
19235c.2360: \SystemRoot\System32\kernel32.dll:
20235c.2360: CreationTime: 2014-04-17T09:23:14.230910600Z
21235c.2360: LastWriteTime: 2014-03-04T09:44:00.336000000Z
22235c.2360: ChangeTime: 2014-04-23T07:35:07.436901900Z
23235c.2360: FileAttributes: 0x20
24235c.2360: Size: 0x11c000
25235c.2360: NT Headers: 0xe8
26235c.2360: Timestamp: 0x5315a059
27235c.2360: Machine: 0x8664 - amd64
28235c.2360: Timestamp: 0x5315a059
29235c.2360: Image Version: 6.1
30235c.2360: SizeOfImage: 0x11f000 (1175552)
31235c.2360: Resource Dir: 0x116000 LB 0x528
32235c.2360: ProductName: Microsoft® Windows® Operating System
33235c.2360: ProductVersion: 6.1.7601.18409
34235c.2360: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
35235c.2360: FileDescription: Windows NT BASE API Client DLL
36235c.2360: \SystemRoot\System32\KernelBase.dll:
37235c.2360: CreationTime: 2014-05-22T09:26:34.595575100Z
38235c.2360: LastWriteTime: 2014-03-04T09:44:00.336000000Z
39235c.2360: ChangeTime: 2014-05-22T09:55:23.449910400Z
40235c.2360: FileAttributes: 0x20
41235c.2360: Size: 0x67c00
42235c.2360: NT Headers: 0xe8
43235c.2360: Timestamp: 0x5315a05a
44235c.2360: Machine: 0x8664 - amd64
45235c.2360: Timestamp: 0x5315a05a
46235c.2360: Image Version: 6.1
47235c.2360: SizeOfImage: 0x6c000 (442368)
48235c.2360: Resource Dir: 0x6a000 LB 0x530
49235c.2360: ProductName: Microsoft® Windows® Operating System
50235c.2360: ProductVersion: 6.1.7601.18409
51235c.2360: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
52235c.2360: FileDescription: Windows NT BASE API Client DLL
53235c.2360: \SystemRoot\System32\apisetschema.dll:
54235c.2360: CreationTime: 2013-09-12T10:10:15.591446300Z
55235c.2360: LastWriteTime: 2013-09-12T10:10:15.596446800Z
56235c.2360: ChangeTime: 2014-01-21T11:22:22.818652400Z
57235c.2360: FileAttributes: 0x20
58235c.2360: Size: 0x1a00
59235c.2360: NT Headers: 0xc0
60235c.2360: Timestamp: 0x51fb15ca
61235c.2360: Machine: 0x8664 - amd64
62235c.2360: Timestamp: 0x51fb15ca
63235c.2360: Image Version: 6.1
64235c.2360: SizeOfImage: 0x50000 (327680)
65235c.2360: Resource Dir: 0x30000 LB 0x3f8
66235c.2360: ProductName: Microsoft® Windows® Operating System
67235c.2360: ProductVersion: 6.1.7601.18229
68235c.2360: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
69235c.2360: FileDescription: ApiSet Schema DLL
70235c.2360: Found driver SymNetS (0x2)
71235c.2360: Found driver SRTSPX (0x2)
72235c.2360: Found driver SymEvent (0x2)
73235c.2360: Found driver SymIRON (0x2)
74235c.2360: supR3HardenedWinFindAdversaries: 0x2
75235c.2360: \SystemRoot\System32\drivers\SysPlant.sys:
76235c.2360: CreationTime: 2014-01-21T12:10:05.680296300Z
77235c.2360: LastWriteTime: 2014-11-12T12:35:07.305641800Z
78235c.2360: ChangeTime: 2014-11-12T12:35:07.305641800Z
79235c.2360: FileAttributes: 0x20
80235c.2360: Size: 0x26f40
81235c.2360: NT Headers: 0x100
82235c.2360: Timestamp: 0x5413cb4e
83235c.2360: Machine: 0x8664 - amd64
84235c.2360: Timestamp: 0x5413cb4e
85235c.2360: Image Version: 5.0
86235c.2360: SizeOfImage: 0x2d000 (184320)
87235c.2360: Resource Dir: 0x2b000 LB 0x498
88235c.2360: ProductName: Symantec CMC Firewall
89235c.2360: ProductVersion: 12.1.5337.5000
90235c.2360: FileVersion: 12.1.5337.5000
91235c.2360: FileDescription: Symantec CMC Firewall SysPlant
92235c.2360: \SystemRoot\System32\sysfer.dll:
93235c.2360: CreationTime: 2014-01-21T12:10:05.664702900Z
94235c.2360: LastWriteTime: 2014-11-12T12:35:07.243241700Z
95235c.2360: ChangeTime: 2014-11-12T12:35:07.243241700Z
96235c.2360: FileAttributes: 0x20
97235c.2360: Size: 0x70f60
98235c.2360: NT Headers: 0xe8
99235c.2360: Timestamp: 0x5413cb55
100235c.2360: Machine: 0x8664 - amd64
101235c.2360: Timestamp: 0x5413cb55
102235c.2360: Image Version: 0.0
103235c.2360: SizeOfImage: 0x88000 (557056)
104235c.2360: Resource Dir: 0x86000 LB 0x630
105235c.2360: ProductName: Symantec CMC Firewall
106235c.2360: ProductVersion: 12.1.5337.5000
107235c.2360: FileVersion: 12.1.5337.5000
108235c.2360: FileDescription: Symantec CMC Firewall sysfer
109235c.2360: \SystemRoot\System32\drivers\symevent64x86.sys:
110235c.2360: CreationTime: 2014-01-21T12:10:37.553205900Z
111235c.2360: LastWriteTime: 2014-11-05T00:46:27.560779500Z
112235c.2360: ChangeTime: 2014-11-05T00:46:27.560779500Z
113235c.2360: FileAttributes: 0x20
114235c.2360: Size: 0x2b658
115235c.2360: NT Headers: 0xe8
116235c.2360: Timestamp: 0x51f32ff2
117235c.2360: Machine: 0x8664 - amd64
118235c.2360: Timestamp: 0x51f32ff2
119235c.2360: Image Version: 6.0
120235c.2360: SizeOfImage: 0x38000 (229376)
121235c.2360: Resource Dir: 0x36000 LB 0x3c8
122235c.2360: ProductName: SYMEVENT
123235c.2360: ProductVersion: 12.9.5.2
124235c.2360: FileVersion: 12.9.5.2
125235c.2360: FileDescription: Symantec Event Library
126235c.2360: Calling main()
127235c.2360: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
128235c.2360: SUPR3HardenedMain: Respawn #1
129235c.2360: System32: \Device\HarddiskVolume1\Windows\System32
130235c.2360: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
131235c.2360: KnownDllPath: C:\WINDOWS\system32
132235c.2360: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
133235c.2360: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
134235c.2360: supR3HardNtEnableThreadCreation:
135235c.2360: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007714c340 pvNtTerminateThread=00000000771717e0
136235c.2360: supR3HardenedWinDoReSpawn(1): New child 238c.2390 [kernel32].
137235c.2360: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd4000 cbPeb=0x380
138235c.2360: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077120000 uNtDllChildAddr=0000000077120000
139235c.2360: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007714c340
140235c.2360: supR3HardenedWinSetupChildInit: Start child.
141235c.2360: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
142235c.2360: supR3HardNtChildPurify: Startup delay kludge #1/0: 518 ms, 63 sleeps
143235c.2360: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
144235c.2360: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
145235c.2360: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
146235c.2360: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
147235c.2360: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
148235c.2360: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
149235c.2360: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
150235c.2360: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
151235c.2360: 0000000000051000-fffffffffffe1fff 0x0001/0x0000 0x0000000
152235c.2360: *00000000000c0000-fffffffffffc3fff 0x0000/0x0004 0x0020000
153235c.2360: 00000000001bc000-00000000001b8fff 0x0104/0x0004 0x0020000
154235c.2360: 00000000001bf000-00000000001bdfff 0x0004/0x0004 0x0020000
155235c.2360: 00000000001c0000-ffffffff8925ffff 0x0001/0x0000 0x0000000
156235c.2360: *0000000077120000-000000007711efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
157235c.2360: 0000000077121000-000000007701efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
158235c.2360: 0000000077223000-00000000771f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
159235c.2360: 0000000077252000-0000000077249fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
160235c.2360: 000000007725a000-0000000077258fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
161235c.2360: 000000007725b000-0000000077257fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
162235c.2360: 000000007725e000-00000000771f2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
163235c.2360: 00000000772c9000-000000006f5b1fff 0x0001/0x0000 0x0000000
164235c.2360: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
165235c.2360: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
166235c.2360: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
167235c.2360: 000000007fff0000-ffffffffc0e2ffff 0x0001/0x0000 0x0000000
168235c.2360: *000000013f1b0000-000000013f1aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
169235c.2360: 000000013f1b1000-000000013f12cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
170235c.2360: 000000013f235000-000000013f233fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
171235c.2360: 000000013f236000-000000013f1f8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
172235c.2360: 000000013f273000-000000013f271fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
173235c.2360: 000000013f274000-000000013f272fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
174235c.2360: 000000013f275000-000000013f272fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
175235c.2360: 000000013f277000-000000013f275fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
176235c.2360: 000000013f278000-000000013f276fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
177235c.2360: 000000013f279000-000000013f274fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
178235c.2360: 000000013f27d000-000000013f243fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
179235c.2360: 000000013f2b6000-fffff8037f12bfff 0x0001/0x0000 0x0000000
180235c.2360: *000007feff440000-000007feff43efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
181235c.2360: 000007feff441000-000007fdfe8d1fff 0x0001/0x0000 0x0000000
182235c.2360: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
183235c.2360: 000007fffffd3000-000007fffffd1fff 0x0001/0x0000 0x0000000
184235c.2360: *000007fffffd4000-000007fffffd2fff 0x0004/0x0004 0x0020000
185235c.2360: 000007fffffd5000-000007fffffcbfff 0x0001/0x0000 0x0000000
186235c.2360: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
187235c.2360: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
188235c.2360: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
189235c.2360: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
190235c.2360: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
191235c.2360: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
192235c.2360: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
193235c.2360: supR3HardNtChildPurify: Done after 534 ms and 0 fixes (loop #0).
194238c.2390: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
195238c.2390: supR3HardenedVmProcessInit: uNtDllAddr=0000000077120000
196238c.2390: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
197238c.2390: New simple heap: #1 00000000002c0000 LB 0x400000 (for 1740800 allocation)
198235c.2360: supR3HardNtEnableThreadCreation:
199238c.2390: System32: \Device\HarddiskVolume1\Windows\System32
200238c.2390: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
201238c.2390: KnownDllPath: C:\WINDOWS\system32
202238c.2390: supR3HardenedVmProcessInit: Opening vboxdrv stub...
203238c.2390: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
204238c.2390: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
205238c.2390: Registered Dll notification callback with NTDLL.
206238c.2390: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
207238c.2390: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
208238c.2390: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
209238c.2390: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
210235c.2360: Error (rc=258):
211235c.2360: Timed out after 60009 ms waiting for child request #1 (CloseEvents).
212235c.2360: Error 258 in supR3HardNtChildWaitFor! (enmWhat=5)
213235c.2360: Timed out after 60009 ms waiting for child request #1 (CloseEvents).
2142198.5a0: Log file opened: 4.3.20r96997 g_hStartupLog=00000000000000b0 g_uNtVerCombined=0x611db110
2152198.5a0: \SystemRoot\System32\ntdll.dll:
2162198.5a0: CreationTime: 2013-10-15T08:52:37.951647100Z
2172198.5a0: LastWriteTime: 2013-10-15T08:52:37.951647100Z
2182198.5a0: ChangeTime: 2014-01-21T11:22:29.206781100Z
2192198.5a0: FileAttributes: 0x20
2202198.5a0: Size: 0x1a6dc0
2212198.5a0: NT Headers: 0xe0
2222198.5a0: Timestamp: 0x521eaf24
2232198.5a0: Machine: 0x8664 - amd64
2242198.5a0: Timestamp: 0x521eaf24
2252198.5a0: Image Version: 6.1
2262198.5a0: SizeOfImage: 0x1a9000 (1740800)
2272198.5a0: Resource Dir: 0x151000 LB 0x560d8
2282198.5a0: ProductName: Microsoft® Windows® Operating System
2292198.5a0: ProductVersion: 6.1.7601.18247
2302198.5a0: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
2312198.5a0: FileDescription: NT Layer DLL
2322198.5a0: \SystemRoot\System32\kernel32.dll:
2332198.5a0: CreationTime: 2014-04-17T09:23:14.230910600Z
2342198.5a0: LastWriteTime: 2014-03-04T09:44:00.336000000Z
2352198.5a0: ChangeTime: 2014-04-23T07:35:07.436901900Z
2362198.5a0: FileAttributes: 0x20
2372198.5a0: Size: 0x11c000
2382198.5a0: NT Headers: 0xe8
2392198.5a0: Timestamp: 0x5315a059
2402198.5a0: Machine: 0x8664 - amd64
2412198.5a0: Timestamp: 0x5315a059
2422198.5a0: Image Version: 6.1
2432198.5a0: SizeOfImage: 0x11f000 (1175552)
2442198.5a0: Resource Dir: 0x116000 LB 0x528
2452198.5a0: ProductName: Microsoft® Windows® Operating System
2462198.5a0: ProductVersion: 6.1.7601.18409
2472198.5a0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
2482198.5a0: FileDescription: Windows NT BASE API Client DLL
2492198.5a0: \SystemRoot\System32\KernelBase.dll:
2502198.5a0: CreationTime: 2014-05-22T09:26:34.595575100Z
2512198.5a0: LastWriteTime: 2014-03-04T09:44:00.336000000Z
2522198.5a0: ChangeTime: 2014-05-22T09:55:23.449910400Z
2532198.5a0: FileAttributes: 0x20
2542198.5a0: Size: 0x67c00
2552198.5a0: NT Headers: 0xe8
2562198.5a0: Timestamp: 0x5315a05a
2572198.5a0: Machine: 0x8664 - amd64
2582198.5a0: Timestamp: 0x5315a05a
2592198.5a0: Image Version: 6.1
2602198.5a0: SizeOfImage: 0x6c000 (442368)
2612198.5a0: Resource Dir: 0x6a000 LB 0x530
2622198.5a0: ProductName: Microsoft® Windows® Operating System
2632198.5a0: ProductVersion: 6.1.7601.18409
2642198.5a0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
2652198.5a0: FileDescription: Windows NT BASE API Client DLL
2662198.5a0: \SystemRoot\System32\apisetschema.dll:
2672198.5a0: CreationTime: 2013-09-12T10:10:15.591446300Z
2682198.5a0: LastWriteTime: 2013-09-12T10:10:15.596446800Z
2692198.5a0: ChangeTime: 2014-01-21T11:22:22.818652400Z
2702198.5a0: FileAttributes: 0x20
2712198.5a0: Size: 0x1a00
2722198.5a0: NT Headers: 0xc0
2732198.5a0: Timestamp: 0x51fb15ca
2742198.5a0: Machine: 0x8664 - amd64
2752198.5a0: Timestamp: 0x51fb15ca
2762198.5a0: Image Version: 6.1
2772198.5a0: SizeOfImage: 0x50000 (327680)
2782198.5a0: Resource Dir: 0x30000 LB 0x3f8
2792198.5a0: ProductName: Microsoft® Windows® Operating System
2802198.5a0: ProductVersion: 6.1.7601.18229
2812198.5a0: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
2822198.5a0: FileDescription: ApiSet Schema DLL
2832198.5a0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2842198.5a0: supR3HardenedWinFindAdversaries: 0x2
2852198.5a0: \SystemRoot\System32\drivers\SysPlant.sys:
2862198.5a0: CreationTime: 2014-01-21T12:10:05.680296300Z
2872198.5a0: LastWriteTime: 2014-11-12T12:35:07.305641800Z
2882198.5a0: ChangeTime: 2014-11-12T12:35:07.305641800Z
2892198.5a0: FileAttributes: 0x20
2902198.5a0: Size: 0x26f40
2912198.5a0: NT Headers: 0x100
2922198.5a0: Timestamp: 0x5413cb4e
2932198.5a0: Machine: 0x8664 - amd64
2942198.5a0: Timestamp: 0x5413cb4e
2952198.5a0: Image Version: 5.0
2962198.5a0: SizeOfImage: 0x2d000 (184320)
2972198.5a0: Resource Dir: 0x2b000 LB 0x498
2982198.5a0: ProductName: Symantec CMC Firewall
2992198.5a0: ProductVersion: 12.1.5337.5000
3002198.5a0: FileVersion: 12.1.5337.5000
3012198.5a0: FileDescription: Symantec CMC Firewall SysPlant
3022198.5a0: \SystemRoot\System32\sysfer.dll:
3032198.5a0: CreationTime: 2014-01-21T12:10:05.664702900Z
3042198.5a0: LastWriteTime: 2014-11-12T12:35:07.243241700Z
3052198.5a0: ChangeTime: 2014-11-12T12:35:07.243241700Z
3062198.5a0: FileAttributes: 0x20
3072198.5a0: Size: 0x70f60
3082198.5a0: NT Headers: 0xe8
3092198.5a0: Timestamp: 0x5413cb55
3102198.5a0: Machine: 0x8664 - amd64
3112198.5a0: Timestamp: 0x5413cb55
3122198.5a0: Image Version: 0.0
3132198.5a0: SizeOfImage: 0x88000 (557056)
3142198.5a0: Resource Dir: 0x86000 LB 0x630
3152198.5a0: ProductName: Symantec CMC Firewall
3162198.5a0: ProductVersion: 12.1.5337.5000
3172198.5a0: FileVersion: 12.1.5337.5000
3182198.5a0: FileDescription: Symantec CMC Firewall sysfer
3192198.5a0: \SystemRoot\System32\drivers\symevent64x86.sys:
3202198.5a0: CreationTime: 2014-01-21T12:10:37.553205900Z
3212198.5a0: LastWriteTime: 2014-11-05T00:46:27.560779500Z
3222198.5a0: ChangeTime: 2014-11-05T00:46:27.560779500Z
3232198.5a0: FileAttributes: 0x20
3242198.5a0: Size: 0x2b658
3252198.5a0: NT Headers: 0xe8
3262198.5a0: Timestamp: 0x51f32ff2
3272198.5a0: Machine: 0x8664 - amd64
3282198.5a0: Timestamp: 0x51f32ff2
3292198.5a0: Image Version: 6.0
3302198.5a0: SizeOfImage: 0x38000 (229376)
3312198.5a0: Resource Dir: 0x36000 LB 0x3c8
3322198.5a0: ProductName: SYMEVENT
3332198.5a0: ProductVersion: 12.9.5.2
3342198.5a0: FileVersion: 12.9.5.2
3352198.5a0: FileDescription: Symantec Event Library
3362198.5a0: Calling main()
3372198.5a0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
3382198.5a0: SUPR3HardenedMain: Respawn #1
3392198.5a0: System32: \Device\HarddiskVolume1\Windows\System32
3402198.5a0: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
3412198.5a0: KnownDllPath: C:\WINDOWS\system32
3422198.5a0: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3432198.5a0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3442198.5a0: supR3HardNtEnableThreadCreation:
3452198.5a0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007714c340 pvNtTerminateThread=00000000771717e0
3462198.5a0: supR3HardenedWinDoReSpawn(1): New child acc.e2c [kernel32].
3472198.5a0: supR3HardNtChildGatherData: PebBaseAddress=000007fffffda000 cbPeb=0x380
3482198.5a0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077120000 uNtDllChildAddr=0000000077120000
3492198.5a0: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007714c340
3502198.5a0: supR3HardenedWinSetupChildInit: Start child.
3512198.5a0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
3522198.5a0: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 51 sleeps
3532198.5a0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3542198.5a0: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
3552198.5a0: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
3562198.5a0: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3572198.5a0: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3582198.5a0: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3592198.5a0: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
3602198.5a0: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
3612198.5a0: 0000000000051000-ffffffffffeb1fff 0x0001/0x0000 0x0000000
3622198.5a0: *00000000001f0000-00000000000f3fff 0x0000/0x0004 0x0020000
3632198.5a0: 00000000002ec000-00000000002e8fff 0x0104/0x0004 0x0020000
3642198.5a0: 00000000002ef000-00000000002edfff 0x0004/0x0004 0x0020000
3652198.5a0: 00000000002f0000-ffffffff894bffff 0x0001/0x0000 0x0000000
3662198.5a0: *0000000077120000-000000007711efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3672198.5a0: 0000000077121000-000000007701efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3682198.5a0: 0000000077223000-00000000771f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3692198.5a0: 0000000077252000-0000000077249fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3702198.5a0: 000000007725a000-0000000077258fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3712198.5a0: 000000007725b000-0000000077257fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3722198.5a0: 000000007725e000-00000000771f2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
3732198.5a0: 00000000772c9000-000000006f5b1fff 0x0001/0x0000 0x0000000
3742198.5a0: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
3752198.5a0: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
3762198.5a0: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
3772198.5a0: 000000007fff0000-ffffffffc0e2ffff 0x0001/0x0000 0x0000000
3782198.5a0: *000000013f1b0000-000000013f1aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3792198.5a0: 000000013f1b1000-000000013f12cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3802198.5a0: 000000013f235000-000000013f233fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3812198.5a0: 000000013f236000-000000013f1f8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3822198.5a0: 000000013f273000-000000013f271fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3832198.5a0: 000000013f274000-000000013f272fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3842198.5a0: 000000013f275000-000000013f272fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3852198.5a0: 000000013f277000-000000013f275fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3862198.5a0: 000000013f278000-000000013f276fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3872198.5a0: 000000013f279000-000000013f274fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3882198.5a0: 000000013f27d000-000000013f243fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
3892198.5a0: 000000013f2b6000-fffff8037f12bfff 0x0001/0x0000 0x0000000
3902198.5a0: *000007feff440000-000007feff43efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
3912198.5a0: 000007feff441000-000007fdfe8d1fff 0x0001/0x0000 0x0000000
3922198.5a0: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
3932198.5a0: 000007fffffd3000-000007fffffcbfff 0x0001/0x0000 0x0000000
3942198.5a0: *000007fffffda000-000007fffffd8fff 0x0004/0x0004 0x0020000
3952198.5a0: 000007fffffdb000-000007fffffd7fff 0x0001/0x0000 0x0000000
3962198.5a0: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
3972198.5a0: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
3982198.5a0: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
3992198.5a0: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
4002198.5a0: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4012198.5a0: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
4022198.5a0: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
4032198.5a0: supR3HardNtChildPurify: Done after 527 ms and 0 fixes (loop #0).
404acc.e2c: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
405acc.e2c: supR3HardenedVmProcessInit: uNtDllAddr=0000000077120000
406acc.e2c: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
407acc.e2c: New simple heap: #1 00000000002f0000 LB 0x400000 (for 1740800 allocation)
4082198.5a0: supR3HardNtEnableThreadCreation:
409acc.e2c: System32: \Device\HarddiskVolume1\Windows\System32
410acc.e2c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
411acc.e2c: KnownDllPath: C:\WINDOWS\system32
412acc.e2c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
413acc.e2c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
414acc.e2c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
415acc.e2c: Registered Dll notification callback with NTDLL.
416acc.e2c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
417acc.e2c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
418acc.e2c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
419acc.e2c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
4202198.5a0: Error (rc=258):
4212198.5a0: Timed out after 60003 ms waiting for child request #1 (CloseEvents).
4222198.5a0: Error 258 in supR3HardNtChildWaitFor! (enmWhat=5)
4232198.5a0: Timed out after 60003 ms waiting for child request #1 (CloseEvents).
424162c.1d8: Log file opened: 4.3.20r96997 g_hStartupLog=00000000000000b0 g_uNtVerCombined=0x611db110
425162c.1d8: \SystemRoot\System32\ntdll.dll:
426162c.1d8: CreationTime: 2013-10-15T08:52:37.951647100Z
427162c.1d8: LastWriteTime: 2013-10-15T08:52:37.951647100Z
428162c.1d8: ChangeTime: 2014-01-21T11:22:29.206781100Z
429162c.1d8: FileAttributes: 0x20
430162c.1d8: Size: 0x1a6dc0
431162c.1d8: NT Headers: 0xe0
432162c.1d8: Timestamp: 0x521eaf24
433162c.1d8: Machine: 0x8664 - amd64
434162c.1d8: Timestamp: 0x521eaf24
435162c.1d8: Image Version: 6.1
436162c.1d8: SizeOfImage: 0x1a9000 (1740800)
437162c.1d8: Resource Dir: 0x151000 LB 0x560d8
438162c.1d8: ProductName: Microsoft® Windows® Operating System
439162c.1d8: ProductVersion: 6.1.7601.18247
440162c.1d8: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
441162c.1d8: FileDescription: NT Layer DLL
442162c.1d8: \SystemRoot\System32\kernel32.dll:
443162c.1d8: CreationTime: 2014-04-17T09:23:14.230910600Z
444162c.1d8: LastWriteTime: 2014-03-04T09:44:00.336000000Z
445162c.1d8: ChangeTime: 2014-04-23T07:35:07.436901900Z
446162c.1d8: FileAttributes: 0x20
447162c.1d8: Size: 0x11c000
448162c.1d8: NT Headers: 0xe8
449162c.1d8: Timestamp: 0x5315a059
450162c.1d8: Machine: 0x8664 - amd64
451162c.1d8: Timestamp: 0x5315a059
452162c.1d8: Image Version: 6.1
453162c.1d8: SizeOfImage: 0x11f000 (1175552)
454162c.1d8: Resource Dir: 0x116000 LB 0x528
455162c.1d8: ProductName: Microsoft® Windows® Operating System
456162c.1d8: ProductVersion: 6.1.7601.18409
457162c.1d8: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
458162c.1d8: FileDescription: Windows NT BASE API Client DLL
459162c.1d8: \SystemRoot\System32\KernelBase.dll:
460162c.1d8: CreationTime: 2014-05-22T09:26:34.595575100Z
461162c.1d8: LastWriteTime: 2014-03-04T09:44:00.336000000Z
462162c.1d8: ChangeTime: 2014-05-22T09:55:23.449910400Z
463162c.1d8: FileAttributes: 0x20
464162c.1d8: Size: 0x67c00
465162c.1d8: NT Headers: 0xe8
466162c.1d8: Timestamp: 0x5315a05a
467162c.1d8: Machine: 0x8664 - amd64
468162c.1d8: Timestamp: 0x5315a05a
469162c.1d8: Image Version: 6.1
470162c.1d8: SizeOfImage: 0x6c000 (442368)
471162c.1d8: Resource Dir: 0x6a000 LB 0x530
472162c.1d8: ProductName: Microsoft® Windows® Operating System
473162c.1d8: ProductVersion: 6.1.7601.18409
474162c.1d8: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
475162c.1d8: FileDescription: Windows NT BASE API Client DLL
476162c.1d8: \SystemRoot\System32\apisetschema.dll:
477162c.1d8: CreationTime: 2013-09-12T10:10:15.591446300Z
478162c.1d8: LastWriteTime: 2013-09-12T10:10:15.596446800Z
479162c.1d8: ChangeTime: 2014-01-21T11:22:22.818652400Z
480162c.1d8: FileAttributes: 0x20
481162c.1d8: Size: 0x1a00
482162c.1d8: NT Headers: 0xc0
483162c.1d8: Timestamp: 0x51fb15ca
484162c.1d8: Machine: 0x8664 - amd64
485162c.1d8: Timestamp: 0x51fb15ca
486162c.1d8: Image Version: 6.1
487162c.1d8: SizeOfImage: 0x50000 (327680)
488162c.1d8: Resource Dir: 0x30000 LB 0x3f8
489162c.1d8: ProductName: Microsoft® Windows® Operating System
490162c.1d8: ProductVersion: 6.1.7601.18229
491162c.1d8: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
492162c.1d8: FileDescription: ApiSet Schema DLL
493162c.1d8: Found driver SymNetS (0x2)
494162c.1d8: Found driver SRTSPX (0x2)
495162c.1d8: Found driver SymEvent (0x2)
496162c.1d8: Found driver SymIRON (0x2)
497162c.1d8: supR3HardenedWinFindAdversaries: 0x2
498162c.1d8: \SystemRoot\System32\drivers\SysPlant.sys:
499162c.1d8: CreationTime: 2014-01-21T12:10:05.680296300Z
500162c.1d8: LastWriteTime: 2014-11-12T12:35:07.305641800Z
501162c.1d8: ChangeTime: 2014-11-12T12:35:07.305641800Z
502162c.1d8: FileAttributes: 0x20
503162c.1d8: Size: 0x26f40
504162c.1d8: NT Headers: 0x100
505162c.1d8: Timestamp: 0x5413cb4e
506162c.1d8: Machine: 0x8664 - amd64
507162c.1d8: Timestamp: 0x5413cb4e
508162c.1d8: Image Version: 5.0
509162c.1d8: SizeOfImage: 0x2d000 (184320)
510162c.1d8: Resource Dir: 0x2b000 LB 0x498
511162c.1d8: ProductName: Symantec CMC Firewall
512162c.1d8: ProductVersion: 12.1.5337.5000
513162c.1d8: FileVersion: 12.1.5337.5000
514162c.1d8: FileDescription: Symantec CMC Firewall SysPlant
515162c.1d8: \SystemRoot\System32\sysfer.dll:
516162c.1d8: CreationTime: 2014-01-21T12:10:05.664702900Z
517162c.1d8: LastWriteTime: 2014-11-12T12:35:07.243241700Z
518162c.1d8: ChangeTime: 2014-11-12T12:35:07.243241700Z
519162c.1d8: FileAttributes: 0x20
520162c.1d8: Size: 0x70f60
521162c.1d8: NT Headers: 0xe8
522162c.1d8: Timestamp: 0x5413cb55
523162c.1d8: Machine: 0x8664 - amd64
524162c.1d8: Timestamp: 0x5413cb55
525162c.1d8: Image Version: 0.0
526162c.1d8: SizeOfImage: 0x88000 (557056)
527162c.1d8: Resource Dir: 0x86000 LB 0x630
528162c.1d8: ProductName: Symantec CMC Firewall
529162c.1d8: ProductVersion: 12.1.5337.5000
530162c.1d8: FileVersion: 12.1.5337.5000
531162c.1d8: FileDescription: Symantec CMC Firewall sysfer
532162c.1d8: \SystemRoot\System32\drivers\symevent64x86.sys:
533162c.1d8: CreationTime: 2014-01-21T12:10:37.553205900Z
534162c.1d8: LastWriteTime: 2014-11-05T00:46:27.560779500Z
535162c.1d8: ChangeTime: 2014-11-05T00:46:27.560779500Z
536162c.1d8: FileAttributes: 0x20
537162c.1d8: Size: 0x2b658
538162c.1d8: NT Headers: 0xe8
539162c.1d8: Timestamp: 0x51f32ff2
540162c.1d8: Machine: 0x8664 - amd64
541162c.1d8: Timestamp: 0x51f32ff2
542162c.1d8: Image Version: 6.0
543162c.1d8: SizeOfImage: 0x38000 (229376)
544162c.1d8: Resource Dir: 0x36000 LB 0x3c8
545162c.1d8: ProductName: SYMEVENT
546162c.1d8: ProductVersion: 12.9.5.2
547162c.1d8: FileVersion: 12.9.5.2
548162c.1d8: FileDescription: Symantec Event Library
549162c.1d8: Calling main()
550162c.1d8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
551162c.1d8: SUPR3HardenedMain: Respawn #1
552162c.1d8: System32: \Device\HarddiskVolume1\Windows\System32
553162c.1d8: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
554162c.1d8: KnownDllPath: C:\WINDOWS\system32
555162c.1d8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
556162c.1d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
557162c.1d8: supR3HardNtEnableThreadCreation:
558162c.1d8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007714c340 pvNtTerminateThread=00000000771717e0
559162c.1d8: supR3HardenedWinDoReSpawn(1): New child 4e8.1ec8 [kernel32].
560162c.1d8: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
561162c.1d8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077120000 uNtDllChildAddr=0000000077120000
562162c.1d8: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007714c340
563162c.1d8: supR3HardenedWinSetupChildInit: Start child.
564162c.1d8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 14 ms.
565162c.1d8: supR3HardNtChildPurify: Startup delay kludge #1/0: 518 ms, 62 sleeps
566162c.1d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
567162c.1d8: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
568162c.1d8: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
569162c.1d8: *0000000000030000-fffffffffff33fff 0x0000/0x0004 0x0020000
570162c.1d8: 000000000012c000-0000000000128fff 0x0104/0x0004 0x0020000
571162c.1d8: 000000000012f000-000000000012dfff 0x0004/0x0004 0x0020000
572162c.1d8: *0000000000130000-000000000012bfff 0x0002/0x0002 0x0040000
573162c.1d8: 0000000000134000-0000000000127fff 0x0001/0x0000 0x0000000
574162c.1d8: *0000000000140000-000000000013efff 0x0004/0x0004 0x0020000
575162c.1d8: 0000000000141000-0000000000131fff 0x0001/0x0000 0x0000000
576162c.1d8: *0000000000150000-000000000014efff 0x0004/0x0004 0x0020000
577162c.1d8: 0000000000151000-ffffffff89181fff 0x0001/0x0000 0x0000000
578162c.1d8: *0000000077120000-000000007711efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
579162c.1d8: 0000000077121000-000000007701efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
580162c.1d8: 0000000077223000-00000000771f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
581162c.1d8: 0000000077252000-0000000077249fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
582162c.1d8: 000000007725a000-0000000077258fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
583162c.1d8: 000000007725b000-0000000077257fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
584162c.1d8: 000000007725e000-00000000771f2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
585162c.1d8: 00000000772c9000-000000006f5b1fff 0x0001/0x0000 0x0000000
586162c.1d8: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
587162c.1d8: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
588162c.1d8: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
589162c.1d8: 000000007fff0000-ffffffffc0e2ffff 0x0001/0x0000 0x0000000
590162c.1d8: *000000013f1b0000-000000013f1aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
591162c.1d8: 000000013f1b1000-000000013f12cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
592162c.1d8: 000000013f235000-000000013f233fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
593162c.1d8: 000000013f236000-000000013f1f8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
594162c.1d8: 000000013f273000-000000013f271fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
595162c.1d8: 000000013f274000-000000013f272fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
596162c.1d8: 000000013f275000-000000013f272fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
597162c.1d8: 000000013f277000-000000013f275fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
598162c.1d8: 000000013f278000-000000013f276fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
599162c.1d8: 000000013f279000-000000013f274fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
600162c.1d8: 000000013f27d000-000000013f243fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
601162c.1d8: 000000013f2b6000-fffff8037f12bfff 0x0001/0x0000 0x0000000
602162c.1d8: *000007feff440000-000007feff43efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
603162c.1d8: 000007feff441000-000007fdfe8d1fff 0x0001/0x0000 0x0000000
604162c.1d8: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
605162c.1d8: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
606162c.1d8: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
607162c.1d8: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
608162c.1d8: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
609162c.1d8: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
610162c.1d8: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
611162c.1d8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
612162c.1d8: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
613162c.1d8: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
614162c.1d8: supR3HardNtChildPurify: Done after 534 ms and 0 fixes (loop #0).
6154e8.1ec8: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
6164e8.1ec8: supR3HardenedVmProcessInit: uNtDllAddr=0000000077120000
6174e8.1ec8: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
6184e8.1ec8: New simple heap: #1 0000000000260000 LB 0x400000 (for 1740800 allocation)
619162c.1d8: supR3HardNtEnableThreadCreation:
6204e8.1ec8: System32: \Device\HarddiskVolume1\Windows\System32
6214e8.1ec8: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
6224e8.1ec8: KnownDllPath: C:\WINDOWS\system32
6234e8.1ec8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
6244e8.1ec8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
6254e8.1ec8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
6264e8.1ec8: Registered Dll notification callback with NTDLL.
6274e8.1ec8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
6284e8.1ec8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
6294e8.1ec8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
6304e8.1ec8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
631162c.1d8: Error (rc=258):
632162c.1d8: Timed out after 60001 ms waiting for child request #1 (CloseEvents).
633162c.1d8: Error 258 in supR3HardNtChildWaitFor! (enmWhat=5)
634162c.1d8: Timed out after 60001 ms waiting for child request #1 (CloseEvents).

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy