VirtualBox

Ticket #15096: VBoxHardening.log

File VBoxHardening.log, 16.6 KB (added by DRH, 9 years ago)

Logfile of hardening process failure

2544.254c: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000070 g_uNtVerCombined=0xa037ab00
2544.254c: \SystemRoot\System32\ntdll.dll:
2544.254c: CreationTime: 2016-01-25T04:23:03.228793500Z
2544.254c: LastWriteTime: 2016-01-25T04:23:03.228793500Z
2544.254c: ChangeTime: 2016-01-30T22:01:40.039749400Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x1c3d38
2544.254c: NT Headers: 0xd8
2544.254c: Timestamp: 0x56a54488
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x56a54488
2544.254c: Image Version: 10.0
2544.254c: SizeOfImage: 0x1ca000 (1875968)
2544.254c: Resource Dir: 0x162000 LB 0x66370
2544.254c: ProductName: Microsoft® Windows® Operating System
2544.254c: ProductVersion: 10.0.14251.1000
2544.254c: FileVersion: 10.0.14251.1000 (rs1_release.160124-1059)
2544.254c: FileDescription: NT Layer DLL
2544.254c: \SystemRoot\System32\kernel32.dll:
2544.254c: CreationTime: 2016-01-25T04:22:39.523783500Z
2544.254c: LastWriteTime: 2016-01-25T04:22:39.523783500Z
2544.254c: ChangeTime: 2016-01-30T22:01:38.742823700Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0xa9790
2544.254c: NT Headers: 0xf0
2544.254c: Timestamp: 0x56a54538
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x56a54538
2544.254c: Image Version: 10.0
2544.254c: SizeOfImage: 0xab000 (700416)
2544.254c: Resource Dir: 0xa9000 LB 0x528
2544.254c: ProductName: Microsoft® Windows® Operating System
2544.254c: ProductVersion: 10.0.14251.1000
2544.254c: FileVersion: 10.0.14251.1000 (rs1_release.160124-1059)
2544.254c: FileDescription: Windows NT BASE API Client DLL
2544.254c: \SystemRoot\System32\KernelBase.dll:
2544.254c: CreationTime: 2016-01-25T04:23:03.353803000Z
2544.254c: LastWriteTime: 2016-01-25T04:23:03.353803000Z
2544.254c: ChangeTime: 2016-01-30T22:01:38.774090200Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x1ef520
2544.254c: NT Headers: 0xf0
2544.254c: Timestamp: 0x56a544c9
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x56a544c9
2544.254c: Image Version: 10.0
2544.254c: SizeOfImage: 0x1f2000 (2039808)
2544.254c: Resource Dir: 0x1da000 LB 0x540
2544.254c: ProductName: Microsoft® Windows® Operating System
2544.254c: ProductVersion: 10.0.14251.1000
2544.254c: FileVersion: 10.0.14251.1000 (rs1_release.160124-1059)
2544.254c: FileDescription: Windows NT BASE API Client DLL
2544.254c: \SystemRoot\System32\apisetschema.dll:
2544.254c: CreationTime: 2016-01-25T04:22:57.775234300Z
2544.254c: LastWriteTime: 2016-01-25T04:22:57.775234300Z
2544.254c: ChangeTime: 2016-01-30T22:01:32.586366600Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x16710
2544.254c: NT Headers: 0xc0
2544.254c: Timestamp: 0x56a54713
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x56a54713
2544.254c: Image Version: 10.0
2544.254c: SizeOfImage: 0x18000 (98304)
2544.254c: Resource Dir: 0x17000 LB 0x400
2544.254c: ProductName: Microsoft® Windows® Operating System
2544.254c: ProductVersion: 10.0.14251.1000
2544.254c: FileVersion: 10.0.14251.1000 (rs1_release.160124-1059)
2544.254c: FileDescription: ApiSet Schema DLL
2544.254c: Found driver aswHwid (0x4)
2544.254c: Found driver aswVmm (0x4)
2544.254c: Found driver aswStm (0x4)
2544.254c: Found driver aswRvrt (0x4)
2544.254c: supR3HardenedWinFindAdversaries: 0x204
2544.254c: \SystemRoot\System32\drivers\aswHwid.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.777141100Z
2544.254c: LastWriteTime: 2016-01-31T04:46:50.434393300Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.626515400Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x6ff0
2544.254c: NT Headers: 0xe8
2544.254c: Timestamp: 0x565d5f8d
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x565d5f8d
2544.254c: Image Version: 6.0
2544.254c: SizeOfImage: 0xa000 (40960)
2544.254c: Resource Dir: 0x8000 LB 0x398
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1540
2544.254c: FileVersion: 11.1.2245.1540
2544.254c: FileDescription: avast! HWID
2544.254c: \SystemRoot\System32\drivers\aswMonFlt.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.779130800Z
2544.254c: LastWriteTime: 2016-01-31T04:47:17.822583200Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.626515400Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x17d70
2544.254c: NT Headers: 0xd8
2544.254c: Timestamp: 0x56685024
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x56685024
2544.254c: Image Version: 6.0
2544.254c: SizeOfImage: 0x25000 (151552)
2544.254c: Resource Dir: 0x23000 LB 0x3c0
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1545
2544.254c: FileVersion: 11.1.2245.1545
2544.254c: FileDescription: avast! File System Minifilter for Windows 2003/Vista
2544.254c: \SystemRoot\System32\drivers\aswRdr2.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.774140900Z
2544.254c: LastWriteTime: 2016-01-31T04:46:50.382345300Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.627516700Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x16d58
2544.254c: NT Headers: 0xf8
2544.254c: Timestamp: 0x565d5f70
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x565d5f70
2544.254c: Image Version: 6.1
2544.254c: SizeOfImage: 0x1a000 (106496)
2544.254c: Resource Dir: 0x18000 LB 0x3a8
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1540
2544.254c: FileVersion: 11.1.2245.1540 built by: WinDDK
2544.254c: FileDescription: avast! WFP Redirect Driver
2544.254c: \SystemRoot\System32\drivers\aswRvrt.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.782154100Z
2544.254c: LastWriteTime: 2016-01-31T04:46:50.442400900Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.627516700Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0xfec8
2544.254c: NT Headers: 0xf8
2544.254c: Timestamp: 0x565d5f79
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x565d5f79
2544.254c: Image Version: 6.0
2544.254c: SizeOfImage: 0x13000 (77824)
2544.254c: Resource Dir: 0x11000 LB 0x398
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1540
2544.254c: FileVersion: 11.1.2245.1540
2544.254c: FileDescription: avast! Revert
2544.254c: \SystemRoot\System32\drivers\aswSnx.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.732086500Z
2544.254c: LastWriteTime: 2016-01-31T04:47:18.327674200Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.627516700Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x1040f8
2544.254c: NT Headers: 0xf0
2544.254c: Timestamp: 0x569e3ea4
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x569e3ea4
2544.254c: Image Version: 6.0
2544.254c: SizeOfImage: 0x104000 (1064960)
2544.254c: Resource Dir: 0xfc000 LB 0x388
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1552
2544.254c: FileVersion: 11.1.2245.1552
2544.254c: FileDescription: avast! Virtualization Driver
2544.254c: \SystemRoot\System32\drivers\aswsp.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.786161400Z
2544.254c: LastWriteTime: 2016-01-31T04:47:18.344693600Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.629518900Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x71580
2544.254c: NT Headers: 0x100
2544.254c: Timestamp: 0x569e426c
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x569e426c
2544.254c: Image Version: 6.0
2544.254c: SizeOfImage: 0x76000 (483328)
2544.254c: Resource Dir: 0x74000 LB 0x380
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1552
2544.254c: FileVersion: 11.1.2245.1552
2544.254c: FileDescription: avast! self protection module
2544.254c: \SystemRoot\System32\drivers\aswStm.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.791678500Z
2544.254c: LastWriteTime: 2016-01-31T04:46:50.485491000Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.630519400Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x25ea8
2544.254c: NT Headers: 0x100
2544.254c: Timestamp: 0x565d651b
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x565d651b
2544.254c: Image Version: 6.2
2544.254c: SizeOfImage: 0x28000 (163840)
2544.254c: Resource Dir: 0x26000 LB 0x360
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1540
2544.254c: FileVersion: 11.1.2245.1540
2544.254c: FileDescription: Stream Filter
2544.254c: \SystemRoot\System32\drivers\aswVmm.sys:
2544.254c: CreationTime: 2016-01-31T04:46:53.789175000Z
2544.254c: LastWriteTime: 2016-01-31T04:46:50.466440700Z
2544.254c: ChangeTime: 2016-01-31T04:48:09.631520300Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0x42d78
2544.254c: NT Headers: 0xe8
2544.254c: Timestamp: 0x565d63d1
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x565d63d1
2544.254c: Image Version: 6.0
2544.254c: SizeOfImage: 0x45000 (282624)
2544.254c: Resource Dir: 0x42000 LB 0x3a0
2544.254c: ProductName: Avast Antivirus
2544.254c: ProductVersion: 11.1.2245.1540
2544.254c: FileVersion: 11.1.2245.1540
2544.254c: FileDescription: avast! VM Monitor
2544.254c: \SystemRoot\System32\drivers\NNSNAHSL.sys:
2544.254c: CreationTime: 2014-12-31T11:39:32.000000000Z
2544.254c: LastWriteTime: 2014-12-31T11:39:32.000000000Z
2544.254c: ChangeTime: 2016-01-30T20:05:47.541075800Z
2544.254c: FileAttributes: 0x20
2544.254c: Size: 0xc310
2544.254c: NT Headers: 0xe8
2544.254c: Timestamp: 0x54a3dc8d
2544.254c: Machine: 0x8664 - amd64
2544.254c: Timestamp: 0x54a3dc8d
2544.254c: Image Version: 6.2
2544.254c: SizeOfImage: 0xf000 (61440)
2544.254c: Resource Dir: 0xd000 LB 0x368
2544.254c: ProductName: Nano Network Security
2544.254c: ProductVersion: 3.1.0.342
2544.254c: FileVersion: 4.1.0.47
2544.254c: FileDescription: Network Activity Hook Server LWF
2544.254c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
2544.254c: Calling main()
2544.254c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2544.254c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
2544.254c: SUPR3HardenedMain: Respawn #1
2544.254c: System32: \Device\HarddiskVolume2\Windows\System32
2544.254c: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
2544.254c: KnownDllPath: C:\WINDOWS\system32
2544.254c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2544.254c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2544.254c: supR3HardNtEnableThreadCreation:
2544.254c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb6585c150 pvNtTerminateThread=00007ffb658d1400
2544.254c: supR3HardenedWinDoReSpawn(1): New child 2550.1174 [kernel32].
2544.254c: supR3HardNtChildGatherData: PebBaseAddress=000000000027a000 cbPeb=0x388
2544.254c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb65830000 uNtDllChildAddr=00007ffb65830000
2544.254c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb6585c150
2544.254c: supR3HardenedWinSetupChildInit: Start child.
2544.254c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 8 ms.
2544.254c: supR3HardNtChildPurify: Startup delay kludge #1/0: 517 ms, 59 sleeps
2544.254c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2544.254c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2544.254c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2544.254c: *0000000000030000-000000000001afff 0x0002/0x0002 0x0040000
2544.254c: 0000000000045000-0000000000039fff 0x0001/0x0000 0x0000000
2544.254c: *0000000000050000-fffffffffff53fff 0x0000/0x0004 0x0020000
2544.254c: 000000000014c000-0000000000148fff 0x0104/0x0004 0x0020000
2544.254c: 000000000014f000-000000000014dfff 0x0004/0x0004 0x0020000
2544.254c: *0000000000150000-000000000014bfff 0x0002/0x0002 0x0040000
2544.254c: 0000000000154000-0000000000147fff 0x0001/0x0000 0x0000000
2544.254c: *0000000000160000-000000000015dfff 0x0004/0x0004 0x0020000
2544.254c: 0000000000162000-0000000000153fff 0x0001/0x0000 0x0000000
2544.254c: *0000000000170000-000000000016cfff 0x0004/0x0004 0x0020000
2544.254c: 0000000000173000-00000000000e5fff 0x0001/0x0000 0x0000000
2544.254c: *0000000000200000-0000000000185fff 0x0000/0x0004 0x0020000
2544.254c: 000000000027a000-0000000000276fff 0x0004/0x0004 0x0020000
2544.254c: 000000000027d000-00000000000f9fff 0x0000/0x0004 0x0020000
2544.254c: 0000000000400000-ffffffff8081ffff 0x0001/0x0000 0x0000000
2544.254c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2544.254c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2544.254c: 000000007fff0000-ffff8009b63dffff 0x0001/0x0000 0x0000000
2544.254c: *00007ff749c00000-00007ff749bdcfff 0x0002/0x0002 0x0040000
2544.254c: 00007ff749c23000-00007ff748e65fff 0x0001/0x0000 0x0000000
2544.254c: *00007ff74a9e0000-00007ff74a9e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9e1000-00007ff74a9e7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9e8000-00007ff74a9e8fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9e9000-00007ff74a9e9fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9ea000-00007ff74a9eafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9eb000-00007ff74a9f7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9f8000-00007ff74a9f9fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74a9fa000-00007ff74aa02fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aa03000-00007ff74aa03fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aa04000-00007ff74aa67fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aa68000-00007ff74aa68fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aa69000-00007ff74aa73fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aa74000-00007ff74aa74fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aa75000-00007ff74aab3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aab4000-00007ff74aab4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: 00007ff74aab5000-00007ff74aab5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2544.254c: Error (rc=-5644):
2544.254c: Too many regions for VirtualBox.exe.
2544.254c: Error (rc=-5644):
2544.254c: supHardenedWinVerifyProcess failed with Unknown Status -5644 (0xffffe9f4): Too many regions for VirtualBox.exe.
2544.254c: Error -5644 in supR3HardNtChildPurify! (enmWhat=5)
2544.254c: supHardenedWinVerifyProcess failed with Unknown Status -5644 (0xffffe9f4): Too many regions for VirtualBox.exe.
2544.254c: supR3HardNtEnableThreadCreation:
