| 1 | 118c.1b38: Log file opened: 5.1.9r111957 g_hStartupLog=0000000000000060 g_uNtVerCombined=0xa03a7b00
|
|---|
| 2 | 118c.1b38: \SystemRoot\System32\ntdll.dll:
|
|---|
| 3 | 118c.1b38: CreationTime: 2016-11-12T10:03:35.068381200Z
|
|---|
| 4 | 118c.1b38: LastWriteTime: 2016-11-12T10:03:35.068381200Z
|
|---|
| 5 | 118c.1b38: ChangeTime: 2016-11-18T20:12:03.929449100Z
|
|---|
| 6 | 118c.1b38: FileAttributes: 0x20
|
|---|
| 7 | 118c.1b38: Size: 0x1cdc80
|
|---|
| 8 | 118c.1b38: NT Headers: 0xe0
|
|---|
| 9 | 118c.1b38: Timestamp: 0xdf1e957e
|
|---|
| 10 | 118c.1b38: Machine: 0x8664 - amd64
|
|---|
| 11 | 118c.1b38: Timestamp: 0xdf1e957e
|
|---|
| 12 | 118c.1b38: Image Version: 10.0
|
|---|
| 13 | 118c.1b38: SizeOfImage: 0x1d2000 (1908736)
|
|---|
| 14 | 118c.1b38: Resource Dir: 0x169000 LB 0x67d98
|
|---|
| 15 | 118c.1b38: ProductName: Microsoft® Windows® Operating System
|
|---|
| 16 | 118c.1b38: ProductVersion: 10.0.14971.1000
|
|---|
| 17 | 118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
|
|---|
| 18 | 118c.1b38: FileDescription: NT Layer DLL
|
|---|
| 19 | 118c.1b38: \SystemRoot\System32\kernel32.dll:
|
|---|
| 20 | 118c.1b38: CreationTime: 2016-11-12T10:03:24.770618000Z
|
|---|
| 21 | 118c.1b38: LastWriteTime: 2016-11-12T10:03:24.770618000Z
|
|---|
| 22 | 118c.1b38: ChangeTime: 2016-11-18T20:12:03.710698800Z
|
|---|
| 23 | 118c.1b38: FileAttributes: 0x20
|
|---|
| 24 | 118c.1b38: Size: 0xaa1b8
|
|---|
| 25 | 118c.1b38: NT Headers: 0xf0
|
|---|
| 26 | 118c.1b38: Timestamp: 0x6d8baca5
|
|---|
| 27 | 118c.1b38: Machine: 0x8664 - amd64
|
|---|
| 28 | 118c.1b38: Timestamp: 0x6d8baca5
|
|---|
| 29 | 118c.1b38: Image Version: 10.0
|
|---|
| 30 | 118c.1b38: SizeOfImage: 0xad000 (708608)
|
|---|
| 31 | 118c.1b38: Resource Dir: 0xab000 LB 0x528
|
|---|
| 32 | 118c.1b38: ProductName: Microsoft® Windows® Operating System
|
|---|
| 33 | 118c.1b38: ProductVersion: 10.0.14971.1000
|
|---|
| 34 | 118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
|
|---|
| 35 | 118c.1b38: FileDescription: Windows NT BASE API Client DLL
|
|---|
| 36 | 118c.1b38: \SystemRoot\System32\KernelBase.dll:
|
|---|
| 37 | 118c.1b38: CreationTime: 2016-11-12T10:03:32.615044200Z
|
|---|
| 38 | 118c.1b38: LastWriteTime: 2016-11-12T10:03:32.615044200Z
|
|---|
| 39 | 118c.1b38: ChangeTime: 2016-11-18T20:12:03.726323800Z
|
|---|
| 40 | 118c.1b38: FileAttributes: 0x20
|
|---|
| 41 | 118c.1b38: Size: 0x233690
|
|---|
| 42 | 118c.1b38: NT Headers: 0xf0
|
|---|
| 43 | 118c.1b38: Timestamp: 0x26f2fe1c
|
|---|
| 44 | 118c.1b38: Machine: 0x8664 - amd64
|
|---|
| 45 | 118c.1b38: Timestamp: 0x26f2fe1c
|
|---|
| 46 | 118c.1b38: Image Version: 10.0
|
|---|
| 47 | 118c.1b38: SizeOfImage: 0x235000 (2314240)
|
|---|
| 48 | 118c.1b38: Resource Dir: 0x217000 LB 0x550
|
|---|
| 49 | 118c.1b38: ProductName: Microsoft® Windows® Operating System
|
|---|
| 50 | 118c.1b38: ProductVersion: 10.0.14971.1000
|
|---|
| 51 | 118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
|
|---|
| 52 | 118c.1b38: FileDescription: Windows NT BASE API Client DLL
|
|---|
| 53 | 118c.1b38: \SystemRoot\System32\apisetschema.dll:
|
|---|
| 54 | 118c.1b38: CreationTime: 2016-11-12T10:03:32.568165500Z
|
|---|
| 55 | 118c.1b38: LastWriteTime: 2016-11-12T10:03:32.568165500Z
|
|---|
| 56 | 118c.1b38: ChangeTime: 2016-11-18T20:12:02.413820000Z
|
|---|
| 57 | 118c.1b38: FileAttributes: 0x20
|
|---|
| 58 | 118c.1b38: Size: 0x19310
|
|---|
| 59 | 118c.1b38: NT Headers: 0xc8
|
|---|
| 60 | 118c.1b38: Timestamp: 0x6a79d354
|
|---|
| 61 | 118c.1b38: Machine: 0x8664 - amd64
|
|---|
| 62 | 118c.1b38: Timestamp: 0x6a79d354
|
|---|
| 63 | 118c.1b38: Image Version: 10.0
|
|---|
| 64 | 118c.1b38: SizeOfImage: 0x1b000 (110592)
|
|---|
| 65 | 118c.1b38: Resource Dir: 0x1a000 LB 0x418
|
|---|
| 66 | 118c.1b38: ProductName: Microsoft® Windows® Operating System
|
|---|
| 67 | 118c.1b38: ProductVersion: 10.0.14971.1000
|
|---|
| 68 | 118c.1b38: FileVersion: 10.0.14971.1000 (rs_prerelease.161111-1700)
|
|---|
| 69 | 118c.1b38: FileDescription: ApiSet Schema DLL
|
|---|
| 70 | 118c.1b38: NtOpenDirectoryObject failed on \Driver: 0xc0000022
|
|---|
| 71 | 118c.1b38: supR3HardenedWinFindAdversaries: 0x0
|
|---|
| 72 | 118c.1b38: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
|
|---|
| 73 | 118c.1b38: Calling main()
|
|---|
| 74 | 118c.1b38: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
|
|---|
| 75 | 118c.1b38: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
|
|---|
| 76 | 118c.1b38: SUPR3HardenedMain: Respawn #1
|
|---|
| 77 | 118c.1b38: System32: \Device\HarddiskVolume4\Windows\System32
|
|---|
| 78 | 118c.1b38: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
|
|---|
| 79 | 118c.1b38: KnownDllPath: C:\WINDOWS\System32
|
|---|
| 80 | 118c.1b38: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 81 | 118c.1b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
|
|---|
| 82 | 118c.1b38: supR3HardNtEnableThreadCreation:
|
|---|
| 83 | 118c.1b38: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd6e326c60 pvNtTerminateThread=00007ffd6e3559f0
|
|---|
| 84 | 118c.1b38: supR3HardenedWinDoReSpawn(1): New child 3868.3d60 [kernel32].
|
|---|
| 85 | 118c.1b38: supR3HardNtChildGatherData: PebBaseAddress=0000000000b99000 cbPeb=0x388
|
|---|
| 86 | 118c.1b38: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd6e2b0000 uNtDllChildAddr=00007ffd6e2b0000
|
|---|
| 87 | 118c.1b38: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd6e326c60
|
|---|
| 88 | 118c.1b38: supR3HardenedWinSetupChildInit: Start child.
|
|---|
| 89 | 118c.1b38: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
|
|---|
| 90 | 118c.1b38: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 25 sleeps
|
|---|
| 91 | 118c.1b38: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
|
|---|
| 92 | 118c.1b38: *0000000000000000-ffffffffff64ffff 0x0001/0x0000 0x0000000
|
|---|
| 93 | 118c.1b38: *00000000009b0000-000000000098ffff 0x0004/0x0004 0x0020000
|
|---|
| 94 | 118c.1b38: *00000000009d0000-00000000009b7fff 0x0002/0x0002 0x0040000
|
|---|
| 95 | 118c.1b38: 00000000009e8000-00000000009dffff 0x0001/0x0000 0x0000000
|
|---|
| 96 | 118c.1b38: *00000000009f0000-00000000009ebfff 0x0002/0x0002 0x0040000
|
|---|
| 97 | 118c.1b38: 00000000009f4000-00000000009e7fff 0x0001/0x0000 0x0000000
|
|---|
| 98 | 118c.1b38: *0000000000a00000-0000000000866fff 0x0000/0x0004 0x0020000
|
|---|
| 99 | 118c.1b38: 0000000000b99000-0000000000b95fff 0x0004/0x0004 0x0020000
|
|---|
| 100 | 118c.1b38: 0000000000b9c000-0000000000b37fff 0x0000/0x0004 0x0020000
|
|---|
| 101 | 118c.1b38: *0000000000c00000-0000000000b04fff 0x0000/0x0004 0x0020000
|
|---|
| 102 | 118c.1b38: 0000000000cfb000-0000000000cf7fff 0x0104/0x0004 0x0020000
|
|---|
| 103 | 118c.1b38: 0000000000cfe000-0000000000cfbfff 0x0004/0x0004 0x0020000
|
|---|
| 104 | 118c.1b38: *0000000000d00000-0000000000cfdfff 0x0004/0x0004 0x0020000
|
|---|
| 105 | 118c.1b38: 0000000000d02000-ffffffff81a23fff 0x0001/0x0000 0x0000000
|
|---|
| 106 | 118c.1b38: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 107 | 118c.1b38: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 108 | 118c.1b38: 000000007fff0000-ffff800ac9c3ffff 0x0001/0x0000 0x0000000
|
|---|
| 109 | 118c.1b38: *00007ff6363a0000-00007ff63637cfff 0x0002/0x0002 0x0040000
|
|---|
| 110 | 118c.1b38: 00007ff6363c3000-00007ff635d95fff 0x0001/0x0000 0x0000000
|
|---|
| 111 | 118c.1b38: *00007ff6369f0000-00007ff6369f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 112 | 118c.1b38: 00007ff6369f1000-00007ff636a5ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 113 | 118c.1b38: 00007ff636a60000-00007ff636a60fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 114 | 118c.1b38: 00007ff636a61000-00007ff636aa5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 115 | 118c.1b38: 00007ff636aa6000-00007ff636aa6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 116 | 118c.1b38: 00007ff636aa7000-00007ff636aa7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 117 | 118c.1b38: 00007ff636aa8000-00007ff636aacfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 118 | 118c.1b38: 00007ff636aad000-00007ff636aadfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 119 | 118c.1b38: 00007ff636aae000-00007ff636aaefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 120 | 118c.1b38: 00007ff636aaf000-00007ff636ab2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 121 | 118c.1b38: 00007ff636ab3000-00007ff636afafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 122 | 118c.1b38: 00007ff636afb000-00007feeff345fff 0x0001/0x0000 0x0000000
|
|---|
| 123 | 118c.1b38: *00007ffd6e2b0000-00007ffd6e2b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 124 | 118c.1b38: 00007ffd6e2b1000-00007ffd6e3b9fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 125 | 118c.1b38: 00007ffd6e3ba000-00007ffd6e3fdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 126 | 118c.1b38: 00007ffd6e3fe000-00007ffd6e405fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 127 | 118c.1b38: 00007ffd6e406000-00007ffd6e413fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 128 | 118c.1b38: 00007ffd6e414000-00007ffd6e414fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 129 | 118c.1b38: 00007ffd6e415000-00007ffd6e417fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 130 | 118c.1b38: 00007ffd6e418000-00007ffd6e481fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 131 | 118c.1b38: 00007ffd6e482000-00007ffadc923fff 0x0001/0x0000 0x0000000
|
|---|
| 132 | 118c.1b38: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 133 | 118c.1b38: VirtualBox.exe: timestamp 0x582c8767 (rc=VINF_SUCCESS)
|
|---|
| 134 | 118c.1b38: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 135 | 118c.1b38: Error (rc=-23033):
|
|---|
| 136 | 118c.1b38: supHardenedWinVerifyProcess failed with Unknown Status -23033 (0xffffa607): Certificate is not valid (ValidTime=2088-08-14T12:05:18.000000000Z Validity=[2014-05-28T17:33:33.000000000Z...2029-05-28T17:43:33.000000000Z]): \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 137 | 118c.1b38: Error -23033 in supR3HardNtChildPurify! (enmWhat=5)
|
|---|
| 138 | 118c.1b38: supHardenedWinVerifyProcess failed with Unknown Status -23033 (0xffffa607): Certificate is not valid (ValidTime=2088-08-14T12:05:18.000000000Z Validity=[2014-05-28T17:33:33.000000000Z...2029-05-28T17:43:33.000000000Z]): \Device\HarddiskVolume4\Windows\System32\ntdll.dll
|
|---|
| 139 | 118c.1b38: supR3HardNtEnableThreadCreation:
|
|---|