VirtualBox

Ticket #13697: VBoxHardening.log

File VBoxHardening.log, 11.4 KB (added by freealx, 9 years ago)

5.0.16r105871

eb4.237c: Log file opened: 5.0.16r105871 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
eb4.237c: \SystemRoot\System32\ntdll.dll:
eb4.237c: CreationTime: 2016-03-15T07:00:57.557312200Z
eb4.237c: LastWriteTime: 2016-02-11T18:52:52.157940400Z
eb4.237c: ChangeTime: 2016-03-17T04:55:11.918319000Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x1a73d8
eb4.237c: NT Headers: 0xe0
eb4.237c: Timestamp: 0x56bcd74c
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x56bcd74c
eb4.237c: Image Version: 6.1
eb4.237c: SizeOfImage: 0x1aa000 (1744896)
eb4.237c: Resource Dir: 0x14e000 LB 0x5a028
eb4.237c: ProductName: Microsoft® Windows® Operating System
eb4.237c: ProductVersion: 6.1.7601.19160
eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600)
eb4.237c: FileDescription: NT Layer DLL
eb4.237c: \SystemRoot\System32\kernel32.dll:
eb4.237c: CreationTime: 2016-03-15T07:00:57.458312200Z
eb4.237c: LastWriteTime: 2016-02-11T18:44:34.819000000Z
eb4.237c: ChangeTime: 2016-03-17T00:36:51.827533100Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x11c000
eb4.237c: NT Headers: 0xe8
eb4.237c: Timestamp: 0x56bcd73b
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x56bcd73b
eb4.237c: Image Version: 6.1
eb4.237c: SizeOfImage: 0x11f000 (1175552)
eb4.237c: Resource Dir: 0x116000 LB 0x528
eb4.237c: ProductName: Microsoft® Windows® Operating System
eb4.237c: ProductVersion: 6.1.7601.19160
eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600)
eb4.237c: FileDescription: Windows NT BASE API Client DLL
eb4.237c: \SystemRoot\System32\KernelBase.dll:
eb4.237c: CreationTime: 2016-03-15T07:00:58.494312200Z
eb4.237c: LastWriteTime: 2016-02-11T18:44:34.850000000Z
eb4.237c: ChangeTime: 2016-03-17T00:36:51.843533100Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x67200
eb4.237c: NT Headers: 0xe8
eb4.237c: Timestamp: 0x56bcd73c
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x56bcd73c
eb4.237c: Image Version: 6.1
eb4.237c: SizeOfImage: 0x6b000 (438272)
eb4.237c: Resource Dir: 0x69000 LB 0x530
eb4.237c: ProductName: Microsoft® Windows® Operating System
eb4.237c: ProductVersion: 6.1.7601.19160
eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600)
eb4.237c: FileDescription: Windows NT BASE API Client DLL
eb4.237c: \SystemRoot\System32\apisetschema.dll:
eb4.237c: CreationTime: 2016-03-15T07:01:00.001312200Z
eb4.237c: LastWriteTime: 2016-02-11T18:41:37.445000000Z
eb4.237c: ChangeTime: 2016-03-17T04:55:12.027519200Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x1a00
eb4.237c: NT Headers: 0xc0
eb4.237c: Timestamp: 0x56bcd628
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x56bcd628
eb4.237c: Image Version: 6.1
eb4.237c: SizeOfImage: 0x50000 (327680)
eb4.237c: Resource Dir: 0x30000 LB 0x3f8
eb4.237c: ProductName: Microsoft® Windows® Operating System
eb4.237c: ProductVersion: 6.1.7601.19160
eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600)
eb4.237c: FileDescription: ApiSet Schema DLL
eb4.237c: Found driver mfewfpk (0x20)
eb4.237c: Found driver mfehidk (0x20)
eb4.237c: Found driver mfeavfk (0x20)
eb4.237c: Found driver dgmaster (0x2000)
eb4.237c: Found driver mfeapfk (0x20)
eb4.237c: Found driver mfefirek (0x20)
eb4.237c: supR3HardenedWinFindAdversaries: 0x2020
eb4.237c: \SystemRoot\System32\drivers\mfeapfk.sys:
eb4.237c: CreationTime: 2014-10-24T16:02:15.367758600Z
eb4.237c: LastWriteTime: 2014-08-28T12:58:32.000000000Z
eb4.237c: ChangeTime: 2016-03-17T04:54:54.898689100Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x2c548
eb4.237c: NT Headers: 0xe0
eb4.237c: Timestamp: 0x53ee4b6e
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x53ee4b6e
eb4.237c: Image Version: 0.0
eb4.237c: SizeOfImage: 0x2a200 (172544)
eb4.237c: Resource Dir: 0x29a00 LB 0x340
eb4.237c: ProductName: SYSCORE
eb4.237c: FileVersion: SYSCORE.15.1.0.680
eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F16
eb4.237c: FileDescription: Access Protection Filter Driver
eb4.237c: \SystemRoot\System32\drivers\mfeavfk.sys:
eb4.237c: CreationTime: 2014-10-24T16:02:15.183758600Z
eb4.237c: LastWriteTime: 2014-08-28T13:00:14.000000000Z
eb4.237c: ChangeTime: 2016-03-17T05:48:21.146979900Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x4c948
eb4.237c: NT Headers: 0xe8
eb4.237c: Timestamp: 0x53ee4b7e
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x53ee4b7e
eb4.237c: Image Version: 0.0
eb4.237c: SizeOfImage: 0x4a300 (303872)
eb4.237c: Resource Dir: 0x49500 LB 0x718
eb4.237c: ProductName: SYSCORE
eb4.237c: FileVersion: SYSCORE.15.1.0.680
eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F15,F16,F19
eb4.237c: FileDescription: Anti-Virus File System Filter Driver
eb4.237c: \SystemRoot\System32\drivers\mfefirek.sys:
eb4.237c: CreationTime: 2014-10-24T16:28:03.932756900Z
eb4.237c: LastWriteTime: 2014-08-28T13:03:42.000000000Z
eb4.237c: ChangeTime: 2016-03-17T05:48:21.178179900Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x80810
eb4.237c: NT Headers: 0xe8
eb4.237c: Timestamp: 0x53ee4bce
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x53ee4bce
eb4.237c: Image Version: 0.0
eb4.237c: SizeOfImage: 0x7dd00 (515328)
eb4.237c: Resource Dir: 0x7b380 LB 0x350
eb4.237c: ProductName: SYSCORE
eb4.237c: FileVersion: SYSCORE.15.1.0.680
eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F17,F18
eb4.237c: FileDescription: McAfee Core Firewall Engine Driver
eb4.237c: \SystemRoot\System32\drivers\mfehidk.sys:
eb4.237c: CreationTime: 2014-10-24T16:02:14.427758600Z
eb4.237c: LastWriteTime: 2014-08-28T13:08:02.000000000Z
eb4.237c: ChangeTime: 2016-03-17T05:48:21.193779900Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0xbff78
eb4.237c: NT Headers: 0xf0
eb4.237c: Timestamp: 0x53ee4b36
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x53ee4b36
eb4.237c: Image Version: 0.0
eb4.237c: SizeOfImage: 0xbce80 (773760)
eb4.237c: Resource Dir: 0xba880 LB 0x348
eb4.237c: ProductName: SYSCORE
eb4.237c: FileVersion: SYSCORE.15.1.0.680
eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F14,F15,F16,F18,F20
eb4.237c: FileDescription: McAfee Link Driver
eb4.237c: \SystemRoot\System32\drivers\mfewfpk.sys:
eb4.237c: CreationTime: 2014-10-24T16:02:09.204758600Z
eb4.237c: LastWriteTime: 2014-08-28T13:17:38.000000000Z
eb4.237c: ChangeTime: 2016-03-17T03:52:46.469633100Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x55188
eb4.237c: NT Headers: 0xf8
eb4.237c: Timestamp: 0x53ee4b46
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x53ee4b46
eb4.237c: Image Version: 0.0
eb4.237c: SizeOfImage: 0x52a80 (338560)
eb4.237c: Resource Dir: 0x51f00 LB 0x348
eb4.237c: ProductName: SYSCORE
eb4.237c: FileVersion: SYSCORE.15.1.0.680
eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F17,F18
eb4.237c: FileDescription: Anti-Virus Mini-Firewall Driver
eb4.237c: \SystemRoot\System32\drivers\dgmaster.sys:
eb4.237c: CreationTime: 2014-10-24T16:29:07.261756900Z
eb4.237c: LastWriteTime: 2013-06-11T18:04:28.000000000Z
eb4.237c: ChangeTime: 2014-10-24T16:29:07.345756900Z
eb4.237c: FileAttributes: 0x20
eb4.237c: Size: 0x1556f0
eb4.237c: NT Headers: 0x108
eb4.237c: Timestamp: 0x51b766a9
eb4.237c: Machine: 0x8664 - amd64
eb4.237c: Timestamp: 0x51b766a9
eb4.237c: Image Version: 6.1
eb4.237c: SizeOfImage: 0x16a000 (1482752)
eb4.237c: Resource Dir: 0x12d000 LB 0x35f80
eb4.237c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
eb4.237c: Calling main()
eb4.237c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
eb4.237c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
eb4.237c: SUPR3HardenedMain: Respawn #1
eb4.237c: System32: \Device\HarddiskVolume1\Windows\System32
eb4.237c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
eb4.237c: KnownDllPath: C:\Windows\system32
eb4.237c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
eb4.237c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
eb4.237c: supR3HardNtEnableThreadCreation:
eb4.237c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007714b170 pvNtTerminateThread=000000007716d8e0
eb4.237c: supR3HardenedWinDoReSpawn(1): New child e50.178c [kernel32].
eb4.237c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
eb4.237c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077120000 uNtDllChildAddr=0000000077120000
eb4.237c: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007714b170
eb4.237c: supR3HardenedWinSetupChildInit: Start child.
eb4.237c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
eb4.237c: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 43 sleeps
eb4.237c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
eb4.237c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
eb4.237c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
eb4.237c: *0000000000030000-000000000002efff 0x0040/0x0040 0x0020000 !!
eb4.237c: supHardNtVpFreeOrReplacePrivateExecMemory: Replacing exec mem at 0000000000030000 (LB 0x1000, 0000000000030000 LB 0x1000)
eb4.237c: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [0000000000030000/0000000000030000 LB 0/0x1000]
eb4.237c: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/0000000000030000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001
eb4.237c: Error (rc=-5673):
eb4.237c: NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
eb4.237c: Error (rc=-5645):
eb4.237c: Too many virtual memory regions.

eb4.237c: Error (rc=-5673):
eb4.237c: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
[rc=-5645] Too many virtual memory regions.
eb4.237c: Error -5673 in supR3HardNtChildPurify! (enmWhat=5)
eb4.237c: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
[rc=-5645] Too many virtual memory regions.
eb4.237c: supR3HardNtEnableThreadCreation:
