Ticket #13811: VBoxStartup.log

File VBoxStartup.log, 26.5 KB (added by andreas81, 10 years ago)

Line
1	1160.1b1c: Log file opened: 4.3.21r97963 g_hStartupLog=0000000000000024 g_uNtVerCombined=0x611db110
2	1160.1b1c: \SystemRoot\System32\ntdll.dll:
3	1160.1b1c: CreationTime: 2013-10-09T15:24:27.804881500Z
4	1160.1b1c: LastWriteTime: 2013-08-29T02:16:35.515578900Z
5	1160.1b1c: ChangeTime: 2013-10-09T15:54:34.058494500Z
6	1160.1b1c: FileAttributes: 0x20
7	1160.1b1c: Size: 0x1a6dc0
8	1160.1b1c: NT Headers: 0xe0
9	1160.1b1c: Timestamp: 0x521eaf24
10	1160.1b1c: Machine: 0x8664 - amd64
11	1160.1b1c: Timestamp: 0x521eaf24
12	1160.1b1c: Image Version: 6.1
13	1160.1b1c: SizeOfImage: 0x1a9000 (1740800)
14	1160.1b1c: Resource Dir: 0x151000 LB 0x560d8
15	1160.1b1c: ProductName: Microsoft® Windows® Operating System
16	1160.1b1c: ProductVersion: 6.1.7601.18247
17	1160.1b1c: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
18	1160.1b1c: FileDescription: NT Layer DLL
19	1160.1b1c: \SystemRoot\System32\kernel32.dll:
20	1160.1b1c: CreationTime: 2014-04-09T06:13:06.674545300Z
21	1160.1b1c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
22	1160.1b1c: ChangeTime: 2014-04-09T10:18:22.333696900Z
23	1160.1b1c: FileAttributes: 0x20
24	1160.1b1c: Size: 0x11c000
25	1160.1b1c: NT Headers: 0xe8
26	1160.1b1c: Timestamp: 0x5315a059
27	1160.1b1c: Machine: 0x8664 - amd64
28	1160.1b1c: Timestamp: 0x5315a059
29	1160.1b1c: Image Version: 6.1
30	1160.1b1c: SizeOfImage: 0x11f000 (1175552)
31	1160.1b1c: Resource Dir: 0x116000 LB 0x528
32	1160.1b1c: ProductName: Microsoft® Windows® Operating System
33	1160.1b1c: ProductVersion: 6.1.7601.18409
34	1160.1b1c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
35	1160.1b1c: FileDescription: Windows NT BASE API Client DLL
36	1160.1b1c: \SystemRoot\System32\KernelBase.dll:
37	1160.1b1c: CreationTime: 2014-05-14T08:06:45.831753400Z
38	1160.1b1c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
39	1160.1b1c: ChangeTime: 2014-05-14T08:40:03.590576600Z
40	1160.1b1c: FileAttributes: 0x20
41	1160.1b1c: Size: 0x67c00
42	1160.1b1c: NT Headers: 0xe8
43	1160.1b1c: Timestamp: 0x5315a05a
44	1160.1b1c: Machine: 0x8664 - amd64
45	1160.1b1c: Timestamp: 0x5315a05a
46	1160.1b1c: Image Version: 6.1
47	1160.1b1c: SizeOfImage: 0x6c000 (442368)
48	1160.1b1c: Resource Dir: 0x6a000 LB 0x530
49	1160.1b1c: ProductName: Microsoft® Windows® Operating System
50	1160.1b1c: ProductVersion: 6.1.7601.18409
51	1160.1b1c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
52	1160.1b1c: FileDescription: Windows NT BASE API Client DLL
53	1160.1b1c: \SystemRoot\System32\apisetschema.dll:
54	1160.1b1c: CreationTime: 2013-09-11T06:09:27.140199800Z
55	1160.1b1c: LastWriteTime: 2013-08-02T02:12:20.275000000Z
56	1160.1b1c: ChangeTime: 2013-09-11T06:24:44.250476000Z
57	1160.1b1c: FileAttributes: 0x20
58	1160.1b1c: Size: 0x1a00
59	1160.1b1c: NT Headers: 0xc0
60	1160.1b1c: Timestamp: 0x51fb15ca
61	1160.1b1c: Machine: 0x8664 - amd64
62	1160.1b1c: Timestamp: 0x51fb15ca
63	1160.1b1c: Image Version: 6.1
64	1160.1b1c: SizeOfImage: 0x50000 (327680)
65	1160.1b1c: Resource Dir: 0x30000 LB 0x3f8
66	1160.1b1c: ProductName: Microsoft® Windows® Operating System
67	1160.1b1c: ProductVersion: 6.1.7601.18229
68	1160.1b1c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
69	1160.1b1c: FileDescription: ApiSet Schema DLL
70	1160.1b1c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71	1160.1b1c: supR3HardenedWinFindAdversaries: 0x2
72	1160.1b1c: \SystemRoot\System32\drivers\SysPlant.sys:
73	1160.1b1c: CreationTime: 2014-11-13T08:10:59.084878300Z
74	1160.1b1c: LastWriteTime: 2014-11-13T08:10:59.116078400Z
75	1160.1b1c: ChangeTime: 2014-11-13T08:10:59.116078400Z
76	1160.1b1c: FileAttributes: 0x20
77	1160.1b1c: Size: 0x26f40
78	1160.1b1c: NT Headers: 0x100
79	1160.1b1c: Timestamp: 0x5413cb4e
80	1160.1b1c: Machine: 0x8664 - amd64
81	1160.1b1c: Timestamp: 0x5413cb4e
82	1160.1b1c: Image Version: 5.0
83	1160.1b1c: SizeOfImage: 0x2d000 (184320)
84	1160.1b1c: Resource Dir: 0x2b000 LB 0x498
85	1160.1b1c: ProductName: Symantec CMC Firewall
86	1160.1b1c: ProductVersion: 12.1.5337.5000
87	1160.1b1c: FileVersion: 12.1.5337.5000
88	1160.1b1c: FileDescription: Symantec CMC Firewall SysPlant
89	1160.1b1c: \SystemRoot\System32\sysfer.dll:
90	1160.1b1c: CreationTime: 2014-11-13T08:10:59.038078200Z
91	1160.1b1c: LastWriteTime: 2014-11-13T08:10:59.084878300Z
92	1160.1b1c: ChangeTime: 2014-11-13T08:10:59.084878300Z
93	1160.1b1c: FileAttributes: 0x20
94	1160.1b1c: Size: 0x70f60
95	1160.1b1c: NT Headers: 0xe8
96	1160.1b1c: Timestamp: 0x5413cb55
97	1160.1b1c: Machine: 0x8664 - amd64
98	1160.1b1c: Timestamp: 0x5413cb55
99	1160.1b1c: Image Version: 0.0
100	1160.1b1c: SizeOfImage: 0x88000 (557056)
101	1160.1b1c: Resource Dir: 0x86000 LB 0x630
102	1160.1b1c: ProductName: Symantec CMC Firewall
103	1160.1b1c: ProductVersion: 12.1.5337.5000
104	1160.1b1c: FileVersion: 12.1.5337.5000
105	1160.1b1c: FileDescription: Symantec CMC Firewall sysfer
106	1160.1b1c: \SystemRoot\System32\drivers\symevent64x86.sys:
107	1160.1b1c: CreationTime: 2014-09-11T12:16:57.213035000Z
108	1160.1b1c: LastWriteTime: 2014-11-13T07:44:42.843436400Z
109	1160.1b1c: ChangeTime: 2014-11-13T07:44:42.843436400Z
110	1160.1b1c: FileAttributes: 0x20
111	1160.1b1c: Size: 0x2b658
112	1160.1b1c: NT Headers: 0xe8
113	1160.1b1c: Timestamp: 0x51f32ff2
114	1160.1b1c: Machine: 0x8664 - amd64
115	1160.1b1c: Timestamp: 0x51f32ff2
116	1160.1b1c: Image Version: 6.0
117	1160.1b1c: SizeOfImage: 0x38000 (229376)
118	1160.1b1c: Resource Dir: 0x36000 LB 0x3c8
119	1160.1b1c: ProductName: SYMEVENT
120	1160.1b1c: ProductVersion: 12.9.5.2
121	1160.1b1c: FileVersion: 12.9.5.2
122	1160.1b1c: FileDescription: Symantec Event Library
123	1160.1b1c: Calling main()
124	1160.1b1c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
125	1160.1b1c: SUPR3HardenedMain: Respawn #1
126	1160.1b1c: System32: \Device\HarddiskVolume3\Windows\System32
127	1160.1b1c: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
128	1160.1b1c: KnownDllPath: C:\Windows\system32
129	1160.1b1c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
130	1160.1b1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
131	1160.1b1c: supR3HardNtEnableThreadCreation:
132	1160.1b1c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076f1c340 pvNtTerminateThread=0000000076f417e0
133	1160.1b1c: supR3HardenedWinDoReSpawn(1): New child 1f18.1c40 [kernel32].
134	1160.1b1c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
135	1160.1b1c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076ef0000 uNtDllChildAddr=0000000076ef0000
136	1160.1b1c: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076f1c340
137	1160.1b1c: supR3HardenedWinSetupChildInit: Start child.
138	1160.1b1c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 3 ms.
139	1160.1b1c: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 58 sleeps
140	1160.1b1c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
141	1160.1b1c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
142	1160.1b1c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
143	1160.1b1c: *0000000000030000-fffffffffff33fff 0x0000/0x0004 0x0020000
144	1160.1b1c: 000000000012c000-0000000000128fff 0x0104/0x0004 0x0020000
145	1160.1b1c: 000000000012f000-000000000012dfff 0x0004/0x0004 0x0020000
146	1160.1b1c: *0000000000130000-000000000012bfff 0x0002/0x0002 0x0040000
147	1160.1b1c: 0000000000134000-0000000000127fff 0x0001/0x0000 0x0000000
148	1160.1b1c: *0000000000140000-000000000013efff 0x0004/0x0004 0x0020000
149	1160.1b1c: 0000000000141000-ffffffff89391fff 0x0001/0x0000 0x0000000
150	1160.1b1c: *0000000076ef0000-0000000076eeefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
151	1160.1b1c: 0000000076ef1000-0000000076deefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
152	1160.1b1c: 0000000076ff3000-0000000076fc3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
153	1160.1b1c: 0000000077022000-0000000077019fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
154	1160.1b1c: 000000007702a000-0000000077028fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
155	1160.1b1c: 000000007702b000-0000000077027fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
156	1160.1b1c: 000000007702e000-0000000076fc2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
157	1160.1b1c: 0000000077099000-000000006f151fff 0x0001/0x0000 0x0000000
158	1160.1b1c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
159	1160.1b1c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
160	1160.1b1c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
161	1160.1b1c: 000000007fff0000-ffffffffc06cffff 0x0001/0x0000 0x0000000
162	1160.1b1c: *000000013f910000-000000013f90efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
163	1160.1b1c: 000000013f911000-000000013f88cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
164	1160.1b1c: 000000013f995000-000000013f993fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
165	1160.1b1c: 000000013f996000-000000013f958fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
166	1160.1b1c: 000000013f9d3000-000000013f9d1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
167	1160.1b1c: 000000013f9d4000-000000013f9d2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
168	1160.1b1c: 000000013f9d5000-000000013f9d2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
169	1160.1b1c: 000000013f9d7000-000000013f9d5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
170	1160.1b1c: 000000013f9d8000-000000013f9d6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
171	1160.1b1c: 000000013f9d9000-000000013f9d4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
172	1160.1b1c: 000000013f9dd000-000000013f9a3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
173	1160.1b1c: 000000013fa16000-fffff8038021bfff 0x0001/0x0000 0x0000000
174	1160.1b1c: *000007feff210000-000007feff20efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
175	1160.1b1c: 000007feff211000-000007fdfe471fff 0x0001/0x0000 0x0000000
176	1160.1b1c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
177	1160.1b1c: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
178	1160.1b1c: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
179	1160.1b1c: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
180	1160.1b1c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
181	1160.1b1c: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
182	1160.1b1c: VirtualBox.exe: timestamp 0x54cb639b (rc=VINF_SUCCESS)
183	1160.1b1c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
184	1160.1b1c: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
185	1160.1b1c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
186	1160.1b1c: supR3HardNtChildPurify: Done after 539 ms and 0 fixes (loop #0).
187	1f18.1c40: Log file opened: 4.3.21r97963 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
188	1f18.1c40: supR3HardenedVmProcessInit: uNtDllAddr=0000000076ef0000
189	1f18.1c40: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
190	1f18.1c40: New simple heap: #1 0000000000250000 LB 0x400000 (for 1740800 allocation)
191	1f18.1c40: System32: \Device\HarddiskVolume3\Windows\System32
192	1f18.1c40: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
193	1f18.1c40: KnownDllPath: C:\Windows\system32
194	1f18.1c40: supR3HardenedVmProcessInit: Opening vboxdrv stub...
195	1f18.1c40: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
196	1f18.1c40: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
197	1f18.1c40: Registered Dll notification callback with NTDLL.
198	1f18.1c40: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
199	1f18.1c40: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
200	1f18.1c40: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
201	1f18.1c40: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
202	1160.1b1c: supR3HardNtEnableThreadCreation:
203	1160.1b1c: Error (rc=258):
204	1160.1b1c: Timed out after 60001 ms waiting for child request #1 (CloseEvents).
205	1160.1b1c: Error 258 in supR3HardNtChildWaitFor! (enmWhat=5)
206	1160.1b1c: Timed out after 60001 ms waiting for child request #1 (CloseEvents).
207	ee8.1c34: Log file opened: 4.3.21r97963 g_hStartupLog=0000000000000024 g_uNtVerCombined=0x611db110
208	ee8.1c34: \SystemRoot\System32\ntdll.dll:
209	ee8.1c34: CreationTime: 2013-10-09T15:24:27.804881500Z
210	ee8.1c34: LastWriteTime: 2013-08-29T02:16:35.515578900Z
211	ee8.1c34: ChangeTime: 2013-10-09T15:54:34.058494500Z
212	ee8.1c34: FileAttributes: 0x20
213	ee8.1c34: Size: 0x1a6dc0
214	ee8.1c34: NT Headers: 0xe0
215	ee8.1c34: Timestamp: 0x521eaf24
216	ee8.1c34: Machine: 0x8664 - amd64
217	ee8.1c34: Timestamp: 0x521eaf24
218	ee8.1c34: Image Version: 6.1
219	ee8.1c34: SizeOfImage: 0x1a9000 (1740800)
220	ee8.1c34: Resource Dir: 0x151000 LB 0x560d8
221	ee8.1c34: ProductName: Microsoft® Windows® Operating System
222	ee8.1c34: ProductVersion: 6.1.7601.18247
223	ee8.1c34: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
224	ee8.1c34: FileDescription: NT Layer DLL
225	ee8.1c34: \SystemRoot\System32\kernel32.dll:
226	ee8.1c34: CreationTime: 2014-04-09T06:13:06.674545300Z
227	ee8.1c34: LastWriteTime: 2014-03-04T09:44:00.336000000Z
228	ee8.1c34: ChangeTime: 2014-04-09T10:18:22.333696900Z
229	ee8.1c34: FileAttributes: 0x20
230	ee8.1c34: Size: 0x11c000
231	ee8.1c34: NT Headers: 0xe8
232	ee8.1c34: Timestamp: 0x5315a059
233	ee8.1c34: Machine: 0x8664 - amd64
234	ee8.1c34: Timestamp: 0x5315a059
235	ee8.1c34: Image Version: 6.1
236	ee8.1c34: SizeOfImage: 0x11f000 (1175552)
237	ee8.1c34: Resource Dir: 0x116000 LB 0x528
238	ee8.1c34: ProductName: Microsoft® Windows® Operating System
239	ee8.1c34: ProductVersion: 6.1.7601.18409
240	ee8.1c34: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
241	ee8.1c34: FileDescription: Windows NT BASE API Client DLL
242	ee8.1c34: \SystemRoot\System32\KernelBase.dll:
243	ee8.1c34: CreationTime: 2014-05-14T08:06:45.831753400Z
244	ee8.1c34: LastWriteTime: 2014-03-04T09:44:00.336000000Z
245	ee8.1c34: ChangeTime: 2014-05-14T08:40:03.590576600Z
246	ee8.1c34: FileAttributes: 0x20
247	ee8.1c34: Size: 0x67c00
248	ee8.1c34: NT Headers: 0xe8
249	ee8.1c34: Timestamp: 0x5315a05a
250	ee8.1c34: Machine: 0x8664 - amd64
251	ee8.1c34: Timestamp: 0x5315a05a
252	ee8.1c34: Image Version: 6.1
253	ee8.1c34: SizeOfImage: 0x6c000 (442368)
254	ee8.1c34: Resource Dir: 0x6a000 LB 0x530
255	ee8.1c34: ProductName: Microsoft® Windows® Operating System
256	ee8.1c34: ProductVersion: 6.1.7601.18409
257	ee8.1c34: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
258	ee8.1c34: FileDescription: Windows NT BASE API Client DLL
259	ee8.1c34: \SystemRoot\System32\apisetschema.dll:
260	ee8.1c34: CreationTime: 2013-09-11T06:09:27.140199800Z
261	ee8.1c34: LastWriteTime: 2013-08-02T02:12:20.275000000Z
262	ee8.1c34: ChangeTime: 2013-09-11T06:24:44.250476000Z
263	ee8.1c34: FileAttributes: 0x20
264	ee8.1c34: Size: 0x1a00
265	ee8.1c34: NT Headers: 0xc0
266	ee8.1c34: Timestamp: 0x51fb15ca
267	ee8.1c34: Machine: 0x8664 - amd64
268	ee8.1c34: Timestamp: 0x51fb15ca
269	ee8.1c34: Image Version: 6.1
270	ee8.1c34: SizeOfImage: 0x50000 (327680)
271	ee8.1c34: Resource Dir: 0x30000 LB 0x3f8
272	ee8.1c34: ProductName: Microsoft® Windows® Operating System
273	ee8.1c34: ProductVersion: 6.1.7601.18229
274	ee8.1c34: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
275	ee8.1c34: FileDescription: ApiSet Schema DLL
276	ee8.1c34: NtOpenDirectoryObject failed on \Driver: 0xc0000022
277	ee8.1c34: supR3HardenedWinFindAdversaries: 0x2
278	ee8.1c34: \SystemRoot\System32\drivers\SysPlant.sys:
279	ee8.1c34: CreationTime: 2014-11-13T08:10:59.084878300Z
280	ee8.1c34: LastWriteTime: 2014-11-13T08:10:59.116078400Z
281	ee8.1c34: ChangeTime: 2014-11-13T08:10:59.116078400Z
282	ee8.1c34: FileAttributes: 0x20
283	ee8.1c34: Size: 0x26f40
284	ee8.1c34: NT Headers: 0x100
285	ee8.1c34: Timestamp: 0x5413cb4e
286	ee8.1c34: Machine: 0x8664 - amd64
287	ee8.1c34: Timestamp: 0x5413cb4e
288	ee8.1c34: Image Version: 5.0
289	ee8.1c34: SizeOfImage: 0x2d000 (184320)
290	ee8.1c34: Resource Dir: 0x2b000 LB 0x498
291	ee8.1c34: ProductName: Symantec CMC Firewall
292	ee8.1c34: ProductVersion: 12.1.5337.5000
293	ee8.1c34: FileVersion: 12.1.5337.5000
294	ee8.1c34: FileDescription: Symantec CMC Firewall SysPlant
295	ee8.1c34: \SystemRoot\System32\sysfer.dll:
296	ee8.1c34: CreationTime: 2014-11-13T08:10:59.038078200Z
297	ee8.1c34: LastWriteTime: 2014-11-13T08:10:59.084878300Z
298	ee8.1c34: ChangeTime: 2014-11-13T08:10:59.084878300Z
299	ee8.1c34: FileAttributes: 0x20
300	ee8.1c34: Size: 0x70f60
301	ee8.1c34: NT Headers: 0xe8
302	ee8.1c34: Timestamp: 0x5413cb55
303	ee8.1c34: Machine: 0x8664 - amd64
304	ee8.1c34: Timestamp: 0x5413cb55
305	ee8.1c34: Image Version: 0.0
306	ee8.1c34: SizeOfImage: 0x88000 (557056)
307	ee8.1c34: Resource Dir: 0x86000 LB 0x630
308	ee8.1c34: ProductName: Symantec CMC Firewall
309	ee8.1c34: ProductVersion: 12.1.5337.5000
310	ee8.1c34: FileVersion: 12.1.5337.5000
311	ee8.1c34: FileDescription: Symantec CMC Firewall sysfer
312	ee8.1c34: \SystemRoot\System32\drivers\symevent64x86.sys:
313	ee8.1c34: CreationTime: 2014-09-11T12:16:57.213035000Z
314	ee8.1c34: LastWriteTime: 2014-11-13T07:44:42.843436400Z
315	ee8.1c34: ChangeTime: 2014-11-13T07:44:42.843436400Z
316	ee8.1c34: FileAttributes: 0x20
317	ee8.1c34: Size: 0x2b658
318	ee8.1c34: NT Headers: 0xe8
319	ee8.1c34: Timestamp: 0x51f32ff2
320	ee8.1c34: Machine: 0x8664 - amd64
321	ee8.1c34: Timestamp: 0x51f32ff2
322	ee8.1c34: Image Version: 6.0
323	ee8.1c34: SizeOfImage: 0x38000 (229376)
324	ee8.1c34: Resource Dir: 0x36000 LB 0x3c8
325	ee8.1c34: ProductName: SYMEVENT
326	ee8.1c34: ProductVersion: 12.9.5.2
327	ee8.1c34: FileVersion: 12.9.5.2
328	ee8.1c34: FileDescription: Symantec Event Library
329	ee8.1c34: Calling main()
330	ee8.1c34: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
331	ee8.1c34: SUPR3HardenedMain: Respawn #1
332	ee8.1c34: System32: \Device\HarddiskVolume3\Windows\System32
333	ee8.1c34: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
334	ee8.1c34: KnownDllPath: C:\Windows\system32
335	ee8.1c34: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
336	ee8.1c34: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
337	ee8.1c34: supR3HardNtEnableThreadCreation:
338	ee8.1c34: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076f1c340 pvNtTerminateThread=0000000076f417e0
339	ee8.1c34: supR3HardenedWinDoReSpawn(1): New child b14.408 [kernel32].
340	ee8.1c34: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380
341	ee8.1c34: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076ef0000 uNtDllChildAddr=0000000076ef0000
342	ee8.1c34: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076f1c340
343	ee8.1c34: supR3HardenedWinSetupChildInit: Start child.
344	ee8.1c34: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
345	ee8.1c34: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 64 sleeps
346	ee8.1c34: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
347	ee8.1c34: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
348	ee8.1c34: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
349	ee8.1c34: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
350	ee8.1c34: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
351	ee8.1c34: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
352	ee8.1c34: 0000000000041000-fffffffffff21fff 0x0001/0x0000 0x0000000
353	ee8.1c34: *0000000000160000-0000000000063fff 0x0000/0x0004 0x0020000
354	ee8.1c34: 000000000025c000-0000000000258fff 0x0104/0x0004 0x0020000
355	ee8.1c34: 000000000025f000-000000000025dfff 0x0004/0x0004 0x0020000
356	ee8.1c34: 0000000000260000-ffffffff895cffff 0x0001/0x0000 0x0000000
357	ee8.1c34: *0000000076ef0000-0000000076eeefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
358	ee8.1c34: 0000000076ef1000-0000000076deefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
359	ee8.1c34: 0000000076ff3000-0000000076fc3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
360	ee8.1c34: 0000000077022000-0000000077019fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
361	ee8.1c34: 000000007702a000-0000000077028fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
362	ee8.1c34: 000000007702b000-0000000077027fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
363	ee8.1c34: 000000007702e000-0000000076fc2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
364	ee8.1c34: 0000000077099000-000000006f151fff 0x0001/0x0000 0x0000000
365	ee8.1c34: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
366	ee8.1c34: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
367	ee8.1c34: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
368	ee8.1c34: 000000007fff0000-ffffffffc06cffff 0x0001/0x0000 0x0000000
369	ee8.1c34: *000000013f910000-000000013f90efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
370	ee8.1c34: 000000013f911000-000000013f88cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
371	ee8.1c34: 000000013f995000-000000013f993fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
372	ee8.1c34: 000000013f996000-000000013f958fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
373	ee8.1c34: 000000013f9d3000-000000013f9d1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
374	ee8.1c34: 000000013f9d4000-000000013f9d2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
375	ee8.1c34: 000000013f9d5000-000000013f9d2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
376	ee8.1c34: 000000013f9d7000-000000013f9d5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
377	ee8.1c34: 000000013f9d8000-000000013f9d6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
378	ee8.1c34: 000000013f9d9000-000000013f9d4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
379	ee8.1c34: 000000013f9dd000-000000013f9a3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
380	ee8.1c34: 000000013fa16000-fffff8038021bfff 0x0001/0x0000 0x0000000
381	ee8.1c34: *000007feff210000-000007feff20efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
382	ee8.1c34: 000007feff211000-000007fdfe471fff 0x0001/0x0000 0x0000000
383	ee8.1c34: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
384	ee8.1c34: 000007fffffd3000-000007fffffcffff 0x0001/0x0000 0x0000000
385	ee8.1c34: *000007fffffd6000-000007fffffd4fff 0x0004/0x0004 0x0020000
386	ee8.1c34: 000007fffffd7000-000007fffffcffff 0x0001/0x0000 0x0000000
387	ee8.1c34: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
388	ee8.1c34: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
389	ee8.1c34: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
390	ee8.1c34: VirtualBox.exe: timestamp 0x54cb639b (rc=VINF_SUCCESS)
391	ee8.1c34: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
392	ee8.1c34: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
393	ee8.1c34: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
394	ee8.1c34: supR3HardNtChildPurify: Done after 537 ms and 0 fixes (loop #0).
395	b14.408: Log file opened: 4.3.21r97963 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
396	b14.408: supR3HardenedVmProcessInit: uNtDllAddr=0000000076ef0000
397	ee8.1c34: supR3HardNtEnableThreadCreation:
398	b14.408: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
399	b14.408: New simple heap: #1 0000000000260000 LB 0x400000 (for 1740800 allocation)
400	b14.408: System32: \Device\HarddiskVolume3\Windows\System32
401	b14.408: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
402	b14.408: KnownDllPath: C:\Windows\system32
403	b14.408: supR3HardenedVmProcessInit: Opening vboxdrv stub...
404	b14.408: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
405	b14.408: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
406	b14.408: Registered Dll notification callback with NTDLL.
407	b14.408: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
408	b14.408: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
409	b14.408: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
410	b14.408: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
411	ee8.1c34: Error (rc=258):
412	ee8.1c34: Timed out after 60001 ms waiting for child request #1 (CloseEvents).
413	ee8.1c34: Error 258 in supR3HardNtChildWaitFor! (enmWhat=5)
414	ee8.1c34: Timed out after 60001 ms waiting for child request #1 (CloseEvents).

Download in other formats:

Original Format