VirtualBox

Ticket #13378: VBoxStartup.2.log

File VBoxStartup.2.log, 31.0 KB (added by jjaquinta, 10 years ago)

Log from trying to create VM. Just waits forever.

Line 
11794.630: Log file opened: 4.3.20r96997 g_hStartupLog=00000000000000b0 g_uNtVerCombined=0x611db110
21794.630: \SystemRoot\System32\ntdll.dll:
31794.630: CreationTime: 2014-01-08T19:02:04.231984700Z
41794.630: LastWriteTime: 2013-08-02T02:15:44.087554100Z
51794.630: ChangeTime: 2014-01-14T14:23:14.053364300Z
61794.630: FileAttributes: 0x20
71794.630: Size: 0x1a6dc0
81794.630: NT Headers: 0xe0
91794.630: Timestamp: 0x51fb164a
101794.630: Machine: 0x8664 - amd64
111794.630: Timestamp: 0x51fb164a
121794.630: Image Version: 6.1
131794.630: SizeOfImage: 0x1a9000 (1740800)
141794.630: Resource Dir: 0x151000 LB 0x560d8
151794.630: ProductName: Microsoft® Windows® Operating System
161794.630: ProductVersion: 6.1.7601.18229
171794.630: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
181794.630: FileDescription: NT Layer DLL
191794.630: \SystemRoot\System32\kernel32.dll:
201794.630: CreationTime: 2014-04-15T05:01:34.849560500Z
211794.630: LastWriteTime: 2014-03-04T09:44:00.336000000Z
221794.630: ChangeTime: 2014-04-15T14:15:36.510309400Z
231794.630: FileAttributes: 0x20
241794.630: Size: 0x11c000
251794.630: NT Headers: 0xe8
261794.630: Timestamp: 0x5315a059
271794.630: Machine: 0x8664 - amd64
281794.630: Timestamp: 0x5315a059
291794.630: Image Version: 6.1
301794.630: SizeOfImage: 0x11f000 (1175552)
311794.630: Resource Dir: 0x116000 LB 0x528
321794.630: ProductName: Microsoft® Windows® Operating System
331794.630: ProductVersion: 6.1.7601.18409
341794.630: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
351794.630: FileDescription: Windows NT BASE API Client DLL
361794.630: \SystemRoot\System32\KernelBase.dll:
371794.630: CreationTime: 2014-01-08T19:02:05.109034800Z
381794.630: LastWriteTime: 2013-08-02T02:13:34.580000000Z
391794.630: ChangeTime: 2014-01-14T14:23:14.880165800Z
401794.630: FileAttributes: 0x20
411794.630: Size: 0x67a00
421794.630: NT Headers: 0xe8
431794.630: Timestamp: 0x51fb1677
441794.630: Machine: 0x8664 - amd64
451794.630: Timestamp: 0x51fb1677
461794.630: Image Version: 6.1
471794.630: SizeOfImage: 0x6b000 (438272)
481794.630: Resource Dir: 0x69000 LB 0x530
491794.630: ProductName: Microsoft® Windows® Operating System
501794.630: ProductVersion: 6.1.7601.18229
511794.630: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
521794.630: FileDescription: Windows NT BASE API Client DLL
531794.630: \SystemRoot\System32\apisetschema.dll:
541794.630: CreationTime: 2014-01-08T19:02:06.286102200Z
551794.630: LastWriteTime: 2013-08-02T02:12:20.275000000Z
561794.630: ChangeTime: 2014-01-14T14:23:13.975364200Z
571794.630: FileAttributes: 0x20
581794.630: Size: 0x1a00
591794.630: NT Headers: 0xc0
601794.630: Timestamp: 0x51fb15ca
611794.630: Machine: 0x8664 - amd64
621794.630: Timestamp: 0x51fb15ca
631794.630: Image Version: 6.1
641794.630: SizeOfImage: 0x50000 (327680)
651794.630: Resource Dir: 0x30000 LB 0x3f8
661794.630: ProductName: Microsoft® Windows® Operating System
671794.630: ProductVersion: 6.1.7601.18229
681794.630: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
691794.630: FileDescription: ApiSet Schema DLL
701794.630: NtOpenDirectoryObject failed on \Driver: 0xc0000022
711794.630: supR3HardenedWinFindAdversaries: 0x2
721794.630: \SystemRoot\System32\drivers\SysPlant.sys:
731794.630: CreationTime: 2013-07-17T08:43:58.968750000Z
741794.630: LastWriteTime: 2014-07-30T14:27:12.165624000Z
751794.630: ChangeTime: 2014-07-30T14:27:12.165624000Z
761794.630: FileAttributes: 0x20
771794.630: Size: 0x25ed8
781794.630: NT Headers: 0x100
791794.630: Timestamp: 0x52647ffd
801794.630: Machine: 0x8664 - amd64
811794.630: Timestamp: 0x52647ffd
821794.630: Image Version: 5.0
831794.630: SizeOfImage: 0x2e000 (188416)
841794.630: Resource Dir: 0x2c000 LB 0x498
851794.630: ProductName: Symantec CMC Firewall
861794.630: ProductVersion: 12.1.4013.4013
871794.630: FileVersion: 12.1.4013.4013
881794.630: FileDescription: Symantec CMC Firewall SysPlant
891794.630: \SystemRoot\System32\sysfer.dll:
901794.630: CreationTime: 2013-07-17T08:43:58.953125000Z
911794.630: LastWriteTime: 2014-07-30T14:27:12.118823900Z
921794.630: ChangeTime: 2014-07-30T14:27:12.118823900Z
931794.630: FileAttributes: 0x20
941794.630: Size: 0x70190
951794.630: NT Headers: 0xe8
961794.630: Timestamp: 0x526480b2
971794.630: Machine: 0x8664 - amd64
981794.630: Timestamp: 0x526480b2
991794.630: Image Version: 0.0
1001794.630: SizeOfImage: 0x87000 (552960)
1011794.630: Resource Dir: 0x85000 LB 0x630
1021794.630: ProductName: Symantec CMC Firewall
1031794.630: ProductVersion: 12.1.4013.4013
1041794.630: FileVersion: 12.1.4013.4013
1051794.630: FileDescription: Symantec CMC Firewall sysfer
1061794.630: \SystemRoot\System32\sysferThunk.dll:
1071794.630: CreationTime: 2013-07-17T08:43:58.968750000Z
1081794.630: LastWriteTime: 2014-07-30T14:27:12.150024000Z
1091794.630: ChangeTime: 2014-07-30T14:27:12.150024000Z
1101794.630: FileAttributes: 0x20
1111794.630: Size: 0x2f90
1121794.630: NT Headers: 0xd0
1131794.630: Timestamp: 0x526480b3
1141794.630: Machine: 0x8664 - amd64
1151794.630: Timestamp: 0x526480b3
1161794.630: Image Version: 0.0
1171794.630: SizeOfImage: 0x8000 (32768)
1181794.630: Resource Dir: 0x6000 LB 0x648
1191794.630: ProductName: Symantec CMC Firewall
1201794.630: ProductVersion: 12.1.4013.4013
1211794.630: FileVersion: 12.1.4013.4013
1221794.630: FileDescription: Symantec CMC Firewall SysferThunk
1231794.630: \SystemRoot\System32\drivers\symevent64x86.sys:
1241794.630: CreationTime: 2013-07-17T08:45:19.437500000Z
1251794.630: LastWriteTime: 2014-07-25T13:38:47.656692900Z
1261794.630: ChangeTime: 2014-07-25T13:38:47.656692900Z
1271794.630: FileAttributes: 0x20
1281794.630: Size: 0x2b658
1291794.630: NT Headers: 0xe8
1301794.630: Timestamp: 0x51f32ff2
1311794.630: Machine: 0x8664 - amd64
1321794.630: Timestamp: 0x51f32ff2
1331794.630: Image Version: 6.0
1341794.630: SizeOfImage: 0x38000 (229376)
1351794.630: Resource Dir: 0x36000 LB 0x3c8
1361794.630: ProductName: SYMEVENT
1371794.630: ProductVersion: 12.9.5.2
1381794.630: FileVersion: 12.9.5.2
1391794.630: FileDescription: Symantec Event Library
1401794.630: Calling main()
1411794.630: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1421794.630: SUPR3HardenedMain: Respawn #1
1431794.630: System32: \Device\HarddiskVolume1\Windows\System32
1441794.630: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
1451794.630: KnownDllPath: C:\windows\system32
1461794.630: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1471794.630: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1481794.630: supR3HardNtEnableThreadCreation:
1491794.630: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007790c340 pvNtTerminateThread=00000000779317e0
1501794.630: supR3HardenedWinDoReSpawn(1): New child 1418.141c [kernel32].
1511794.630: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd4000 cbPeb=0x380
1521794.630: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000778e0000 uNtDllChildAddr=00000000778e0000
1531794.630: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007790c340
1541794.630: supR3HardenedWinSetupChildInit: Start child.
1551794.630: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 16 ms.
1561794.630: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 48 sleeps
1571794.630: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1581794.630: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1591794.630: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1601794.630: *0000000000030000-0000000000027fff 0x0040/0x0040 0x0020000 !!
1611794.630: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000000030000 (0000000000030000 LB 0x8000)
1621794.630: 0000000000038000-000000000002ffff 0x0001/0x0000 0x0000000
1631794.630: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
1641794.630: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
1651794.630: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
1661794.630: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
1671794.630: *0000000000060000-fffffffffff63fff 0x0000/0x0004 0x0020000
1681794.630: 000000000015c000-0000000000158fff 0x0104/0x0004 0x0020000
1691794.630: 000000000015f000-000000000015dfff 0x0004/0x0004 0x0020000
1701794.630: *0000000000160000-000000000015efff 0x0004/0x0004 0x0020000
1711794.630: 0000000000161000-ffffffff889e1fff 0x0001/0x0000 0x0000000
1721794.630: *00000000778e0000-00000000778defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1731794.630: 00000000778e1000-00000000777defff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1741794.630: 00000000779e3000-00000000779b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1751794.630: 0000000077a12000-0000000077a09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1761794.630: 0000000077a1a000-0000000077a18fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1771794.630: 0000000077a1b000-0000000077a17fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1781794.630: 0000000077a1e000-00000000779b2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1791794.630: 0000000077a89000-0000000070531fff 0x0001/0x0000 0x0000000
1801794.630: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1811794.630: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1821794.630: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1831794.630: 000000007fff0000-ffffffffc0a7ffff 0x0001/0x0000 0x0000000
1841794.630: *000000013f560000-000000013f55efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1851794.630: 000000013f561000-000000013f4dcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1861794.630: 000000013f5e5000-000000013f5e3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1871794.630: 000000013f5e6000-000000013f5a8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1881794.630: 000000013f623000-000000013f621fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1891794.630: 000000013f624000-000000013f622fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1901794.630: 000000013f625000-000000013f622fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1911794.630: 000000013f627000-000000013f625fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1921794.630: 000000013f628000-000000013f626fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1931794.630: 000000013f629000-000000013f624fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1941794.630: 000000013f62d000-000000013f5f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
1951794.630: 000000013f666000-fffff8037f0cbfff 0x0001/0x0000 0x0000000
1961794.630: *000007feffc00000-000007feffbfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
1971794.630: 000007feffc01000-000007fdff851fff 0x0001/0x0000 0x0000000
1981794.630: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1991794.630: 000007fffffd3000-000007fffffd1fff 0x0001/0x0000 0x0000000
2001794.630: *000007fffffd4000-000007fffffd2fff 0x0004/0x0004 0x0020000
2011794.630: 000007fffffd5000-000007fffffcbfff 0x0001/0x0000 0x0000000
2021794.630: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2031794.630: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2041794.630: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
2051794.630: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
2061794.630: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2071794.630: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
2081794.630: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
2091794.630: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x2 cPatchCount=0
2101794.630: supR3HardNtChildPurify: Startup delay kludge #1/1: 527 ms, 41 sleeps
2111794.630: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2121794.630: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2131794.630: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2141794.630: 0000000000030000-000000000001ffff 0x0001/0x0000 0x0000000
2151794.630: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
2161794.630: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
2171794.630: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
2181794.630: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
2191794.630: *0000000000060000-fffffffffff63fff 0x0000/0x0004 0x0020000
2201794.630: 000000000015c000-0000000000158fff 0x0104/0x0004 0x0020000
2211794.630: 000000000015f000-000000000015dfff 0x0004/0x0004 0x0020000
2221794.630: *0000000000160000-000000000015efff 0x0004/0x0004 0x0020000
2231794.630: 0000000000161000-ffffffff889e1fff 0x0001/0x0000 0x0000000
2241794.630: *00000000778e0000-00000000778defff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2251794.630: 00000000778e1000-00000000777defff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2261794.630: 00000000779e3000-00000000779b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2271794.630: 0000000077a12000-0000000077a09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2281794.630: 0000000077a1a000-0000000077a18fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2291794.630: 0000000077a1b000-0000000077a19fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2301794.630: 0000000077a1c000-0000000077a19fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2311794.630: 0000000077a1e000-00000000779b2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2321794.630: 0000000077a89000-0000000070531fff 0x0001/0x0000 0x0000000
2331794.630: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2341794.630: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2351794.630: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2361794.630: 000000007fff0000-ffffffffc0a7ffff 0x0001/0x0000 0x0000000
2371794.630: *000000013f560000-000000013f55efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2381794.630: 000000013f561000-000000013f4dcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2391794.630: 000000013f5e5000-000000013f5e3fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2401794.630: 000000013f5e6000-000000013f5a8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2411794.630: 000000013f623000-000000013f618fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2421794.630: 000000013f62d000-000000013f5f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2431794.630: 000000013f666000-fffff8037f0cbfff 0x0001/0x0000 0x0000000
2441794.630: *000007feffc00000-000007feffbfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
2451794.630: 000007feffc01000-000007fdff851fff 0x0001/0x0000 0x0000000
2461794.630: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2471794.630: 000007fffffd3000-000007fffffd1fff 0x0001/0x0000 0x0000000
2481794.630: *000007fffffd4000-000007fffffd2fff 0x0004/0x0004 0x0020000
2491794.630: 000007fffffd5000-000007fffffcbfff 0x0001/0x0000 0x0000000
2501794.630: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2511794.630: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2521794.630: supR3HardNtChildPurify: Done after 1074 ms and 1 fixes (loop #1).
2531794.630: supR3HardNtEnableThreadCreation:
2541418.141c: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
2551418.141c: supR3HardenedVmProcessInit: uNtDllAddr=00000000778e0000
2561418.141c: ntdll.dll: timestamp 0x51fb164a (rc=VINF_SUCCESS)
2571418.141c: New simple heap: #1 0000000000270000 LB 0x400000 (for 1740800 allocation)
2581418.141c: System32: \Device\HarddiskVolume1\Windows\System32
2591418.141c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
2601418.141c: KnownDllPath: C:\windows\system32
2611418.141c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2621418.141c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2631418.141c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2641418.141c: Registered Dll notification callback with NTDLL.
2651418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
2661418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
2671418.141c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2681418.141c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2691418.141c: supR3HardenedDllNotificationCallback: load 00000000777c0000 LB 0x0011f000 C:\windows\system32\kernel32.dll [fFlags=0x0]
2701418.141c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2711418.141c: supR3HardenedDllNotificationCallback: load 000007fefd890000 LB 0x0006b000 C:\windows\system32\KERNELBASE.dll [fFlags=0x0]
2721418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
2731418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
2741418.141c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000777c0000 'C:\windows\system32\kernel32.dll'
2751418.141c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007790c340 pvNtTerminateThread=00000000779317e0
2761794.630: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 31 ms.
2771418.141c: \SystemRoot\System32\ntdll.dll:
2781418.141c: CreationTime: 2014-01-08T19:02:04.231984700Z
2791418.141c: LastWriteTime: 2013-08-02T02:15:44.087554100Z
2801418.141c: ChangeTime: 2014-01-14T14:23:14.053364300Z
2811418.141c: FileAttributes: 0x20
2821418.141c: Size: 0x1a6dc0
2831418.141c: NT Headers: 0xe0
2841418.141c: Timestamp: 0x51fb164a
2851418.141c: Machine: 0x8664 - amd64
2861418.141c: Timestamp: 0x51fb164a
2871418.141c: Image Version: 6.1
2881418.141c: SizeOfImage: 0x1a9000 (1740800)
2891418.141c: Resource Dir: 0x151000 LB 0x560d8
2901418.141c: ProductName: Microsoft® Windows® Operating System
2911418.141c: ProductVersion: 6.1.7601.18229
2921418.141c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
2931418.141c: FileDescription: NT Layer DLL
2941418.141c: \SystemRoot\System32\kernel32.dll:
2951418.141c: CreationTime: 2014-04-15T05:01:34.849560500Z
2961418.141c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
2971418.141c: ChangeTime: 2014-04-15T14:15:36.510309400Z
2981418.141c: FileAttributes: 0x20
2991418.141c: Size: 0x11c000
3001418.141c: NT Headers: 0xe8
3011418.141c: Timestamp: 0x5315a059
3021418.141c: Machine: 0x8664 - amd64
3031418.141c: Timestamp: 0x5315a059
3041418.141c: Image Version: 6.1
3051418.141c: SizeOfImage: 0x11f000 (1175552)
3061418.141c: Resource Dir: 0x116000 LB 0x528
3071418.141c: ProductName: Microsoft® Windows® Operating System
3081418.141c: ProductVersion: 6.1.7601.18409
3091418.141c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3101418.141c: FileDescription: Windows NT BASE API Client DLL
3111418.141c: \SystemRoot\System32\KernelBase.dll:
3121418.141c: CreationTime: 2014-01-08T19:02:05.109034800Z
3131418.141c: LastWriteTime: 2013-08-02T02:13:34.580000000Z
3141418.141c: ChangeTime: 2014-01-14T14:23:14.880165800Z
3151418.141c: FileAttributes: 0x20
3161418.141c: Size: 0x67a00
3171418.141c: NT Headers: 0xe8
3181418.141c: Timestamp: 0x51fb1677
3191418.141c: Machine: 0x8664 - amd64
3201418.141c: Timestamp: 0x51fb1677
3211418.141c: Image Version: 6.1
3221418.141c: SizeOfImage: 0x6b000 (438272)
3231418.141c: Resource Dir: 0x69000 LB 0x530
3241418.141c: ProductName: Microsoft® Windows® Operating System
3251418.141c: ProductVersion: 6.1.7601.18229
3261418.141c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3271418.141c: FileDescription: Windows NT BASE API Client DLL
3281418.141c: \SystemRoot\System32\apisetschema.dll:
3291418.141c: CreationTime: 2014-01-08T19:02:06.286102200Z
3301418.141c: LastWriteTime: 2013-08-02T02:12:20.275000000Z
3311418.141c: ChangeTime: 2014-01-14T14:23:13.975364200Z
3321418.141c: FileAttributes: 0x20
3331418.141c: Size: 0x1a00
3341418.141c: NT Headers: 0xc0
3351418.141c: Timestamp: 0x51fb15ca
3361418.141c: Machine: 0x8664 - amd64
3371418.141c: Timestamp: 0x51fb15ca
3381418.141c: Image Version: 6.1
3391418.141c: SizeOfImage: 0x50000 (327680)
3401418.141c: Resource Dir: 0x30000 LB 0x3f8
3411418.141c: ProductName: Microsoft® Windows® Operating System
3421418.141c: ProductVersion: 6.1.7601.18229
3431418.141c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3441418.141c: FileDescription: ApiSet Schema DLL
3451418.141c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3461418.141c: supR3HardenedWinFindAdversaries: 0x2
3471418.141c: \SystemRoot\System32\drivers\SysPlant.sys:
3481418.141c: CreationTime: 2013-07-17T08:43:58.968750000Z
3491418.141c: LastWriteTime: 2014-07-30T14:27:12.165624000Z
3501418.141c: ChangeTime: 2014-07-30T14:27:12.165624000Z
3511418.141c: FileAttributes: 0x20
3521418.141c: Size: 0x25ed8
3531418.141c: NT Headers: 0x100
3541418.141c: Timestamp: 0x52647ffd
3551418.141c: Machine: 0x8664 - amd64
3561418.141c: Timestamp: 0x52647ffd
3571418.141c: Image Version: 5.0
3581418.141c: SizeOfImage: 0x2e000 (188416)
3591418.141c: Resource Dir: 0x2c000 LB 0x498
3601418.141c: ProductName: Symantec CMC Firewall
3611418.141c: ProductVersion: 12.1.4013.4013
3621418.141c: FileVersion: 12.1.4013.4013
3631418.141c: FileDescription: Symantec CMC Firewall SysPlant
3641418.141c: \SystemRoot\System32\sysfer.dll:
3651418.141c: CreationTime: 2013-07-17T08:43:58.953125000Z
3661418.141c: LastWriteTime: 2014-07-30T14:27:12.118823900Z
3671418.141c: ChangeTime: 2014-07-30T14:27:12.118823900Z
3681418.141c: FileAttributes: 0x20
3691418.141c: Size: 0x70190
3701418.141c: NT Headers: 0xe8
3711418.141c: Timestamp: 0x526480b2
3721418.141c: Machine: 0x8664 - amd64
3731418.141c: Timestamp: 0x526480b2
3741418.141c: Image Version: 0.0
3751418.141c: SizeOfImage: 0x87000 (552960)
3761418.141c: Resource Dir: 0x85000 LB 0x630
3771418.141c: ProductName: Symantec CMC Firewall
3781418.141c: ProductVersion: 12.1.4013.4013
3791418.141c: FileVersion: 12.1.4013.4013
3801418.141c: FileDescription: Symantec CMC Firewall sysfer
3811418.141c: \SystemRoot\System32\sysferThunk.dll:
3821418.141c: CreationTime: 2013-07-17T08:43:58.968750000Z
3831418.141c: LastWriteTime: 2014-07-30T14:27:12.150024000Z
3841418.141c: ChangeTime: 2014-07-30T14:27:12.150024000Z
3851418.141c: FileAttributes: 0x20
3861418.141c: Size: 0x2f90
3871418.141c: NT Headers: 0xd0
3881418.141c: Timestamp: 0x526480b3
3891418.141c: Machine: 0x8664 - amd64
3901418.141c: Timestamp: 0x526480b3
3911418.141c: Image Version: 0.0
3921418.141c: SizeOfImage: 0x8000 (32768)
3931418.141c: Resource Dir: 0x6000 LB 0x648
3941418.141c: ProductName: Symantec CMC Firewall
3951418.141c: ProductVersion: 12.1.4013.4013
3961418.141c: FileVersion: 12.1.4013.4013
3971418.141c: FileDescription: Symantec CMC Firewall SysferThunk
3981418.141c: \SystemRoot\System32\drivers\symevent64x86.sys:
3991418.141c: CreationTime: 2013-07-17T08:45:19.437500000Z
4001418.141c: LastWriteTime: 2014-07-25T13:38:47.656692900Z
4011418.141c: ChangeTime: 2014-07-25T13:38:47.656692900Z
4021418.141c: FileAttributes: 0x20
4031418.141c: Size: 0x2b658
4041418.141c: NT Headers: 0xe8
4051418.141c: Timestamp: 0x51f32ff2
4061418.141c: Machine: 0x8664 - amd64
4071418.141c: Timestamp: 0x51f32ff2
4081418.141c: Image Version: 6.0
4091418.141c: SizeOfImage: 0x38000 (229376)
4101418.141c: Resource Dir: 0x36000 LB 0x3c8
4111418.141c: ProductName: SYMEVENT
4121418.141c: ProductVersion: 12.9.5.2
4131418.141c: FileVersion: 12.9.5.2
4141418.141c: FileDescription: Symantec Event Library
4151418.141c: Calling main()
4161418.141c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4171418.141c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4181418.141c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4191418.141c: SUPR3HardenedMain: Respawn #2
4201418.141c: supR3HardNtEnableThreadCreation:
4211418.141c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4221418.141c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4231418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
4241418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
4251418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4261418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4271418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
4281418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
4291418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4301418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4311418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
4321418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
4331418.141c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000:<flags> [calling]
4341418.141c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4351418.141c: supR3HardenedDllNotificationCallback: load 000007feffb10000 LB 0x000db000 C:\windows\system32\ADVAPI32.DLL [fFlags=0x0]
4361418.141c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4371418.141c: supR3HardenedDllNotificationCallback: load 000007feff320000 LB 0x0009f000 C:\windows\system32\msvcrt.dll [fFlags=0x0]
4381418.141c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4391418.141c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
4401418.141c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
4411418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
4421418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
4431418.141c: supR3HardenedDllNotificationCallback: load 000007feff3c0000 LB 0x0001f000 C:\windows\SYSTEM32\sechost.dll [fFlags=0x0]
4441418.141c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4451418.141c: supR3HardenedDllNotificationCallback: load 000007feff090000 LB 0x0012d000 C:\windows\system32\RPCRT4.dll [fFlags=0x0]
4461418.141c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4471418.141c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feffb10000 'C:\windows\system32\ADVAPI32.DLL'
4481418.141c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
4491418.141c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
4501418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4511418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4521418.141c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4531418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4541418.141c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4551418.141c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4561418.141c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4571418.141c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4581418.141c: supR3HardenedDllNotificationCallback: load 000007fefd6b0000 LB 0x00057000 C:\windows\system32\apphelp.dll [fFlags=0x0]
4591418.141c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4601418.141c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6b0000 'C:\windows\system32\apphelp.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy