VirtualBox

Ticket #16202: VBoxHardening.log

File VBoxHardening.log, 10.0 KB (added by teh_klev, 8 years ago)
Line 
1118c.1b38: Log file opened: 5.1.9r111957 g_hStartupLog=0000000000000060 g_uNtVerCombined=0xa03a7b00
2118c.1b38: \SystemRoot\System32\ntdll.dll:
3118c.1b38: CreationTime: 2016-11-12T10:03:35.068381200Z
4118c.1b38: LastWriteTime: 2016-11-12T10:03:35.068381200Z
5118c.1b38: ChangeTime: 2016-11-18T20:12:03.929449100Z
6118c.1b38: FileAttributes: 0x20
7118c.1b38: Size: 0x1cdc80
8118c.1b38: NT Headers: 0xe0
9118c.1b38: Timestamp: 0xdf1e957e
10118c.1b38: Machine: 0x8664 - amd64
11118c.1b38: Timestamp: 0xdf1e957e
12118c.1b38: Image Version: 10.0
13118c.1b38: SizeOfImage: 0x1d2000 (1908736)
14118c.1b38: Resource Dir: 0x169000 LB 0x67d98
15118c.1b38: ProductName: Microsoft® Windows® Operating System
16118c.1b38: ProductVersion: 10.0.14971.1000
17118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
18118c.1b38: FileDescription: NT Layer DLL
19118c.1b38: \SystemRoot\System32\kernel32.dll:
20118c.1b38: CreationTime: 2016-11-12T10:03:24.770618000Z
21118c.1b38: LastWriteTime: 2016-11-12T10:03:24.770618000Z
22118c.1b38: ChangeTime: 2016-11-18T20:12:03.710698800Z
23118c.1b38: FileAttributes: 0x20
24118c.1b38: Size: 0xaa1b8
25118c.1b38: NT Headers: 0xf0
26118c.1b38: Timestamp: 0x6d8baca5
27118c.1b38: Machine: 0x8664 - amd64
28118c.1b38: Timestamp: 0x6d8baca5
29118c.1b38: Image Version: 10.0
30118c.1b38: SizeOfImage: 0xad000 (708608)
31118c.1b38: Resource Dir: 0xab000 LB 0x528
32118c.1b38: ProductName: Microsoft® Windows® Operating System
33118c.1b38: ProductVersion: 10.0.14971.1000
34118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
35118c.1b38: FileDescription: Windows NT BASE API Client DLL
36118c.1b38: \SystemRoot\System32\KernelBase.dll:
37118c.1b38: CreationTime: 2016-11-12T10:03:32.615044200Z
38118c.1b38: LastWriteTime: 2016-11-12T10:03:32.615044200Z
39118c.1b38: ChangeTime: 2016-11-18T20:12:03.726323800Z
40118c.1b38: FileAttributes: 0x20
41118c.1b38: Size: 0x233690
42118c.1b38: NT Headers: 0xf0
43118c.1b38: Timestamp: 0x26f2fe1c
44118c.1b38: Machine: 0x8664 - amd64
45118c.1b38: Timestamp: 0x26f2fe1c
46118c.1b38: Image Version: 10.0
47118c.1b38: SizeOfImage: 0x235000 (2314240)
48118c.1b38: Resource Dir: 0x217000 LB 0x550
49118c.1b38: ProductName: Microsoft® Windows® Operating System
50118c.1b38: ProductVersion: 10.0.14971.1000
51118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
52118c.1b38: FileDescription: Windows NT BASE API Client DLL
53118c.1b38: \SystemRoot\System32\apisetschema.dll:
54118c.1b38: CreationTime: 2016-11-12T10:03:32.568165500Z
55118c.1b38: LastWriteTime: 2016-11-12T10:03:32.568165500Z
56118c.1b38: ChangeTime: 2016-11-18T20:12:02.413820000Z
57118c.1b38: FileAttributes: 0x20
58118c.1b38: Size: 0x19310
59118c.1b38: NT Headers: 0xc8
60118c.1b38: Timestamp: 0x6a79d354
61118c.1b38: Machine: 0x8664 - amd64
62118c.1b38: Timestamp: 0x6a79d354
63118c.1b38: Image Version: 10.0
64118c.1b38: SizeOfImage: 0x1b000 (110592)
65118c.1b38: Resource Dir: 0x1a000 LB 0x418
66118c.1b38: ProductName: Microsoft® Windows® Operating System
67118c.1b38: ProductVersion: 10.0.14971.1000
68118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
69118c.1b38: FileDescription: ApiSet Schema DLL
70118c.1b38: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71118c.1b38: supR3HardenedWinFindAdversaries: 0x0
72118c.1b38: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
73118c.1b38: Calling main()
74118c.1b38: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
75118c.1b38: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
76118c.1b38: SUPR3HardenedMain: Respawn #1
77118c.1b38: System32: \Device\HarddiskVolume4\Windows\System32
78118c.1b38: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
79118c.1b38: KnownDllPath: C:\WINDOWS\System32
80118c.1b38: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
81118c.1b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
82118c.1b38: supR3HardNtEnableThreadCreation:
83118c.1b38: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd6e326c60 pvNtTerminateThread=00007ffd6e3559f0
84118c.1b38: supR3HardenedWinDoReSpawn(1): New child 3868.3d60 [kernel32].
85118c.1b38: supR3HardNtChildGatherData: PebBaseAddress=0000000000b99000 cbPeb=0x388
86118c.1b38: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd6e2b0000 uNtDllChildAddr=00007ffd6e2b0000
87118c.1b38: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd6e326c60
88118c.1b38: supR3HardenedWinSetupChildInit: Start child.
89118c.1b38: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
90118c.1b38: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 25 sleeps
91118c.1b38: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
92118c.1b38: *0000000000000000-ffffffffff64ffff 0x0001/0x0000 0x0000000
93118c.1b38: *00000000009b0000-000000000098ffff 0x0004/0x0004 0x0020000
94118c.1b38: *00000000009d0000-00000000009b7fff 0x0002/0x0002 0x0040000
95118c.1b38: 00000000009e8000-00000000009dffff 0x0001/0x0000 0x0000000
96118c.1b38: *00000000009f0000-00000000009ebfff 0x0002/0x0002 0x0040000
97118c.1b38: 00000000009f4000-00000000009e7fff 0x0001/0x0000 0x0000000
98118c.1b38: *0000000000a00000-0000000000866fff 0x0000/0x0004 0x0020000
99118c.1b38: 0000000000b99000-0000000000b95fff 0x0004/0x0004 0x0020000
100118c.1b38: 0000000000b9c000-0000000000b37fff 0x0000/0x0004 0x0020000
101118c.1b38: *0000000000c00000-0000000000b04fff 0x0000/0x0004 0x0020000
102118c.1b38: 0000000000cfb000-0000000000cf7fff 0x0104/0x0004 0x0020000
103118c.1b38: 0000000000cfe000-0000000000cfbfff 0x0004/0x0004 0x0020000
104118c.1b38: *0000000000d00000-0000000000cfdfff 0x0004/0x0004 0x0020000
105118c.1b38: 0000000000d02000-ffffffff81a23fff 0x0001/0x0000 0x0000000
106118c.1b38: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
107118c.1b38: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
108118c.1b38: 000000007fff0000-ffff800ac9c3ffff 0x0001/0x0000 0x0000000
109118c.1b38: *00007ff6363a0000-00007ff63637cfff 0x0002/0x0002 0x0040000
110118c.1b38: 00007ff6363c3000-00007ff635d95fff 0x0001/0x0000 0x0000000
111118c.1b38: *00007ff6369f0000-00007ff6369f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
112118c.1b38: 00007ff6369f1000-00007ff636a5ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
113118c.1b38: 00007ff636a60000-00007ff636a60fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
114118c.1b38: 00007ff636a61000-00007ff636aa5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
115118c.1b38: 00007ff636aa6000-00007ff636aa6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
116118c.1b38: 00007ff636aa7000-00007ff636aa7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
117118c.1b38: 00007ff636aa8000-00007ff636aacfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
118118c.1b38: 00007ff636aad000-00007ff636aadfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
119118c.1b38: 00007ff636aae000-00007ff636aaefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
120118c.1b38: 00007ff636aaf000-00007ff636ab2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
121118c.1b38: 00007ff636ab3000-00007ff636afafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
122118c.1b38: 00007ff636afb000-00007feeff345fff 0x0001/0x0000 0x0000000
123118c.1b38: *00007ffd6e2b0000-00007ffd6e2b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
124118c.1b38: 00007ffd6e2b1000-00007ffd6e3b9fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
125118c.1b38: 00007ffd6e3ba000-00007ffd6e3fdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
126118c.1b38: 00007ffd6e3fe000-00007ffd6e405fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
127118c.1b38: 00007ffd6e406000-00007ffd6e413fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
128118c.1b38: 00007ffd6e414000-00007ffd6e414fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
129118c.1b38: 00007ffd6e415000-00007ffd6e417fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
130118c.1b38: 00007ffd6e418000-00007ffd6e481fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
131118c.1b38: 00007ffd6e482000-00007ffadc923fff 0x0001/0x0000 0x0000000
132118c.1b38: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
133118c.1b38: VirtualBox.exe: timestamp 0x582c8767 (rc=VINF_SUCCESS)
134118c.1b38: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
135118c.1b38: Error (rc=-23033):
136118c.1b38: supHardenedWinVerifyProcess failed with Unknown Status -23033 (0xffffa607): Certificate is not valid (ValidTime=2088-08-14T12:05:18.000000000Z Validity=[2014-05-28T17:33:33.000000000Z...2029-05-28T17:43:33.000000000Z]): \Device\HarddiskVolume4\Windows\System32\ntdll.dll
137118c.1b38: Error -23033 in supR3HardNtChildPurify! (enmWhat=5)
138118c.1b38: supHardenedWinVerifyProcess failed with Unknown Status -23033 (0xffffa607): Certificate is not valid (ValidTime=2088-08-14T12:05:18.000000000Z Validity=[2014-05-28T17:33:33.000000000Z...2029-05-28T17:43:33.000000000Z]): \Device\HarddiskVolume4\Windows\System32\ntdll.dll
139118c.1b38: supR3HardNtEnableThreadCreation:

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy