Ticket #14237: VBoxStartup.log

File VBoxStartup.log, 31.3 KB (added by SagarShetty, 10 years ago)
ErrorLog

Line
1	2908.290c: Log file opened: 4.2.30r100415 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2	2908.290c: \SystemRoot\System32\ntdll.dll:
3	2908.290c: CreationTime: 2015-04-27T04:23:01.494643100Z
4	2908.290c: LastWriteTime: 2015-03-17T05:19:37.641771700Z
5	2908.290c: ChangeTime: 2015-07-02T13:04:37.739428500Z
6	2908.290c: FileAttributes: 0x20
7	2908.290c: Size: 0x1a5da0
8	2908.290c: NT Headers: 0xe0
9	2908.290c: Timestamp: 0x5507b864
10	2908.290c: Machine: 0x8664 - amd64
11	2908.290c: Timestamp: 0x5507b864
12	2908.290c: Image Version: 6.1
13	2908.290c: SizeOfImage: 0x1a8000 (1736704)
14	2908.290c: Resource Dir: 0x14c000 LB 0x5a028
15	2908.290c: ProductName: Microsoft® Windows® Operating System
16	2908.290c: ProductVersion: 6.1.7601.18798
17	2908.290c: FileVersion: 6.1.7601.18798 (win7sp1_gdr.150316-1654)
18	2908.290c: FileDescription: NT Layer DLL
19	2908.290c: \SystemRoot\System32\kernel32.dll:
20	2908.290c: CreationTime: 2015-06-17T05:27:08.277509700Z
21	2908.290c: LastWriteTime: 2015-05-09T03:26:36.862000000Z
22	2908.290c: ChangeTime: 2015-07-02T13:04:37.769442600Z
23	2908.290c: FileAttributes: 0x20
24	2908.290c: Size: 0x11be00
25	2908.290c: NT Headers: 0xe8
26	2908.290c: Timestamp: 0x554d7df0
27	2908.290c: Machine: 0x8664 - amd64
28	2908.290c: Timestamp: 0x554d7df0
29	2908.290c: Image Version: 6.1
30	2908.290c: SizeOfImage: 0x11f000 (1175552)
31	2908.290c: Resource Dir: 0x116000 LB 0x528
32	2908.290c: ProductName: Microsoft® Windows® Operating System
33	2908.290c: ProductVersion: 6.1.7601.18847
34	2908.290c: FileVersion: 6.1.7601.18847 (win7sp1_gdr.150508-1512)
35	2908.290c: FileDescription: Windows NT BASE API Client DLL
36	2908.290c: \SystemRoot\System32\KernelBase.dll:
37	2908.290c: CreationTime: 2015-06-17T05:27:08.424509700Z
38	2908.290c: LastWriteTime: 2015-05-09T03:26:36.862000000Z
39	2908.290c: ChangeTime: 2015-07-02T13:04:37.789452000Z
40	2908.290c: FileAttributes: 0x20
41	2908.290c: Size: 0x67c00
42	2908.290c: NT Headers: 0xe8
43	2908.290c: Timestamp: 0x554d7df1
44	2908.290c: Machine: 0x8664 - amd64
45	2908.290c: Timestamp: 0x554d7df1
46	2908.290c: Image Version: 6.1
47	2908.290c: SizeOfImage: 0x6c000 (442368)
48	2908.290c: Resource Dir: 0x6a000 LB 0x530
49	2908.290c: ProductName: Microsoft® Windows® Operating System
50	2908.290c: ProductVersion: 6.1.7601.18847
51	2908.290c: FileVersion: 6.1.7601.18847 (win7sp1_gdr.150508-1512)
52	2908.290c: FileDescription: Windows NT BASE API Client DLL
53	2908.290c: \SystemRoot\System32\apisetschema.dll:
54	2908.290c: CreationTime: 2015-04-27T04:23:09.731443100Z
55	2908.290c: LastWriteTime: 2015-03-17T05:11:07.952000000Z
56	2908.290c: ChangeTime: 2015-07-02T13:04:37.794454400Z
57	2908.290c: FileAttributes: 0x20
58	2908.290c: Size: 0x1a00
59	2908.290c: NT Headers: 0xc0
60	2908.290c: Timestamp: 0x5507b7b1
61	2908.290c: Machine: 0x8664 - amd64
62	2908.290c: Timestamp: 0x5507b7b1
63	2908.290c: Image Version: 6.1
64	2908.290c: SizeOfImage: 0x50000 (327680)
65	2908.290c: Resource Dir: 0x30000 LB 0x3f8
66	2908.290c: ProductName: Microsoft® Windows® Operating System
67	2908.290c: ProductVersion: 6.1.7601.18798
68	2908.290c: FileVersion: 6.1.7601.18798 (win7sp1_gdr.150316-1654)
69	2908.290c: FileDescription: ApiSet Schema DLL
70	2908.290c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71	2908.290c: supR3HardenedWinFindAdversaries: 0x20
72	2908.290c: \SystemRoot\System32\drivers\mfeapfk.sys:
73	2908.290c: CreationTime: 2014-08-20T16:14:00.261285700Z
74	2908.290c: LastWriteTime: 2014-08-20T16:12:49.777254200Z
75	2908.290c: ChangeTime: 2015-07-02T13:04:37.851482300Z
76	2908.290c: FileAttributes: 0x20
77	2908.290c: Size: 0x2c030
78	2908.290c: NT Headers: 0xe8
79	2908.290c: Timestamp: 0x52ab7fef
80	2908.290c: Machine: 0x8664 - amd64
81	2908.290c: Timestamp: 0x52ab7fef
82	2908.290c: Image Version: 0.0
83	2908.290c: SizeOfImage: 0x29d00 (171264)
84	2908.290c: Resource Dir: 0x29500 LB 0x340
85	2908.290c: ProductName: SYSCORE
86	2908.290c: FileVersion: SYSCORE.15.1.0.656
87	2908.290c: PrivateBuild: SYSCORE.15.1.0.656 F16
88	2908.290c: FileDescription: Access Protection Filter Driver
89	2908.290c: \SystemRoot\System32\drivers\mfeavfk.sys:
90	2908.290c: CreationTime: 2014-08-20T16:13:59.450239300Z
91	2908.290c: LastWriteTime: 2014-08-20T16:12:49.945263800Z
92	2908.290c: ChangeTime: 2015-07-02T13:04:37.911510500Z
93	2908.290c: FileAttributes: 0x20
94	2908.290c: Size: 0x4c130
95	2908.290c: NT Headers: 0xf0
96	2908.290c: Timestamp: 0x52ab8004
97	2908.290c: Machine: 0x8664 - amd64
98	2908.290c: Timestamp: 0x52ab8004
99	2908.290c: Image Version: 0.0
100	2908.290c: SizeOfImage: 0x49b00 (301824)
101	2908.290c: Resource Dir: 0x48d00 LB 0x718
102	2908.290c: ProductName: SYSCORE
103	2908.290c: FileVersion: SYSCORE.15.1.0.656
104	2908.290c: PrivateBuild: SYSCORE.15.1.0.656 F15,F16,F19
105	2908.290c: FileDescription: Anti-Virus File System Filter Driver
106	2908.290c: \SystemRoot\System32\drivers\mfefirek.sys:
107	2908.290c: CreationTime: 2014-08-20T16:21:46.648961500Z
108	2908.290c: LastWriteTime: 2013-12-17T04:56:26.000000000Z
109	2908.290c: ChangeTime: 2015-07-02T13:04:37.961532500Z
110	2908.290c: FileAttributes: 0x20
111	2908.290c: Size: 0x7ef78
112	2908.290c: NT Headers: 0xf0
113	2908.290c: Timestamp: 0x52ab8072
114	2908.290c: Machine: 0x8664 - amd64
115	2908.290c: Timestamp: 0x52ab8072
116	2908.290c: Image Version: 0.0
117	2908.290c: SizeOfImage: 0x7c480 (509056)
118	2908.290c: Resource Dir: 0x79b00 LB 0x350
119	2908.290c: ProductName: SYSCORE
120	2908.290c: FileVersion: SYSCORE.15.1.0.656
121	2908.290c: PrivateBuild: SYSCORE.15.1.0.656 F17,F18
122	2908.290c: FileDescription: McAfee Core Firewall Engine Driver
123	2908.290c: \SystemRoot\System32\drivers\mfehidk.sys:
124	2908.290c: CreationTime: 2014-08-20T16:13:56.755085100Z
125	2908.290c: LastWriteTime: 2014-08-20T16:12:50.455293000Z
126	2908.290c: ChangeTime: 2015-07-02T10:47:48.983398300Z
127	2908.290c: FileAttributes: 0x20
128	2908.290c: Size: 0xbf278
129	2908.290c: NT Headers: 0xf0
130	2908.290c: Timestamp: 0x52ab7fc4
131	2908.290c: Machine: 0x8664 - amd64
132	2908.290c: Timestamp: 0x52ab7fc4
133	2908.290c: Image Version: 0.0
134	2908.290c: SizeOfImage: 0xbc180 (770432)
135	2908.290c: Resource Dir: 0xb9b80 LB 0x348
136	2908.290c: ProductName: SYSCORE
137	2908.290c: FileVersion: SYSCORE.15.1.0.656
138	2908.290c: PrivateBuild: SYSCORE.15.1.0.656 F14,F15,F16,F18,F20
139	2908.290c: FileDescription: McAfee Link Driver
140	2908.290c: \SystemRoot\System32\drivers\mfewfpk.sys:
141	2908.290c: CreationTime: 2014-08-20T16:13:01.926949100Z
142	2908.290c: LastWriteTime: 2014-08-20T16:12:51.184334700Z
143	2908.290c: ChangeTime: 2015-07-02T10:47:49.201798300Z
144	2908.290c: FileAttributes: 0x20
145	2908.290c: Size: 0x54070
146	2908.290c: NT Headers: 0xf0
147	2908.290c: Timestamp: 0x52ab7fd3
148	2908.290c: Machine: 0x8664 - amd64
149	2908.290c: Timestamp: 0x52ab7fd3
150	2908.290c: Image Version: 0.0
151	2908.290c: SizeOfImage: 0x51980 (334208)
152	2908.290c: Resource Dir: 0x50e80 LB 0x348
153	2908.290c: ProductName: SYSCORE
154	2908.290c: FileVersion: SYSCORE.15.1.0.656
155	2908.290c: PrivateBuild: SYSCORE.15.1.0.656 F17,F18
156	2908.290c: FileDescription: Anti-Virus Mini-Firewall Driver
157	2908.290c: Calling main()
158	2908.290c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
159	2908.290c: SUPR3HardenedMain: Respawn #1
160	2908.290c: System32: \Device\HarddiskVolume1\Windows\System32
161	2908.290c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
162	2908.290c: KnownDllPath: C:\Windows\system32
163	2908.290c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
164	2908.290c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
165	2908.290c: supR3HardNtEnableThreadCreation:
166	2908.290c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000779cb690 pvNtTerminateThread=00000000779ee100
167	2908.290c: supR3HardenedWinDoReSpawn(1): New child 2944.2948 [kernel32].
168	2908.290c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd9000 cbPeb=0x380
169	2908.290c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000779a0000 uNtDllChildAddr=00000000779a0000
170	2908.290c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000779cb690
171	2908.290c: supR3HardenedWinSetupChildInit: Start child.
172	2908.290c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 20 ms.
173	2908.290c: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 52 sleeps
174	2908.290c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
175	2908.290c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
176	2908.290c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
177	2908.290c: *0000000000030000-000000000002efff 0x0040/0x0040 0x0020000 !!
178	2908.290c: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 0000000000030000 (LB 0x1000, 0000000000030000 LB 0x1000)
179	2908.290c: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [0000000000030000/0000000000030000 LB 0/0x1000]
180	2908.290c: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/0000000000030000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001
181	2908.290c: 0000000000031000-0000000000021fff 0x0001/0x0000 0x0000000
182	2908.290c: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
183	2908.290c: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
184	2908.290c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
185	2908.290c: 0000000000051000-fffffffffff21fff 0x0001/0x0000 0x0000000
186	2908.290c: *0000000000180000-0000000000083fff 0x0000/0x0004 0x0020000
187	2908.290c: 000000000027c000-0000000000278fff 0x0104/0x0004 0x0020000
188	2908.290c: 000000000027f000-000000000027dfff 0x0004/0x0004 0x0020000
189	2908.290c: 0000000000280000-ffffffff88b5ffff 0x0001/0x0000 0x0000000
190	2908.290c: *00000000779a0000-00000000779a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
191	2908.290c: 00000000779a1000-0000000077a9dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
192	2908.290c: 0000000077a9e000-0000000077accfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
193	2908.290c: 0000000077acd000-0000000077ad4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
194	2908.290c: 0000000077ad5000-0000000077ad5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
195	2908.290c: 0000000077ad6000-0000000077ad8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
196	2908.290c: 0000000077ad9000-0000000077b47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
197	2908.290c: 0000000077b48000-00000000706affff 0x0001/0x0000 0x0000000
198	2908.290c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
199	2908.290c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
200	2908.290c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
201	2908.290c: 000000007fff0000-ffffffffc0f1ffff 0x0001/0x0000 0x0000000
202	2908.290c: *000000013f0c0000-000000013f0c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
203	2908.290c: 000000013f0c1000-000000013f144fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
204	2908.290c: 000000013f145000-000000013f145fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
205	2908.290c: 000000013f146000-000000013f183fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
206	2908.290c: 000000013f184000-000000013f184fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
207	2908.290c: 000000013f185000-000000013f185fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
208	2908.290c: 000000013f186000-000000013f187fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
209	2908.290c: 000000013f188000-000000013f188fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
210	2908.290c: 000000013f189000-000000013f189fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
211	2908.290c: 000000013f18a000-000000013f18dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
212	2908.290c: 000000013f18e000-000000013f1c6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
213	2908.290c: 000000013f1c7000-fffff8037e6cdfff 0x0001/0x0000 0x0000000
214	2908.290c: *000007feffcc0000-000007feffcc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
215	2908.290c: 000007feffcc1000-000007fdff9d1fff 0x0001/0x0000 0x0000000
216	2908.290c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
217	2908.290c: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000
218	2908.290c: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000
219	2908.290c: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000
220	2908.290c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
221	2908.290c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
222	2908.290c: apisetschema.dll: timestamp 0x5507b7b1 (rc=VINF_SUCCESS)
223	2908.290c: VirtualBox.exe: timestamp 0x555ae68e (rc=VINF_SUCCESS)
224	2908.290c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
225	2908.290c: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
226	2908.290c: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
227	2908.290c: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x20 cPatchCount=0
228	2908.290c: supR3HardNtChildPurify: Startup delay kludge #1/1: 515 ms, 51 sleeps
229	2908.290c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
230	2908.290c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
231	2908.290c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
232	2908.290c: 0000000000030000-000000000001ffff 0x0001/0x0000 0x0000000
233	2908.290c: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
234	2908.290c: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
235	2908.290c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
236	2908.290c: 0000000000051000-fffffffffff21fff 0x0001/0x0000 0x0000000
237	2908.290c: *0000000000180000-0000000000083fff 0x0000/0x0004 0x0020000
238	2908.290c: 000000000027c000-0000000000278fff 0x0104/0x0004 0x0020000
239	2908.290c: 000000000027f000-000000000027dfff 0x0004/0x0004 0x0020000
240	2908.290c: 0000000000280000-ffffffff88b5ffff 0x0001/0x0000 0x0000000
241	2908.290c: *00000000779a0000-00000000779a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
242	2908.290c: 00000000779a1000-0000000077a9dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
243	2908.290c: 0000000077a9e000-0000000077accfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
244	2908.290c: 0000000077acd000-0000000077ad4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
245	2908.290c: 0000000077ad5000-0000000077ad5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
246	2908.290c: 0000000077ad6000-0000000077ad6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
247	2908.290c: 0000000077ad7000-0000000077ad8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
248	2908.290c: 0000000077ad9000-0000000077b47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
249	2908.290c: 0000000077b48000-00000000706affff 0x0001/0x0000 0x0000000
250	2908.290c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
251	2908.290c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
252	2908.290c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
253	2908.290c: 000000007fff0000-ffffffffc0f1ffff 0x0001/0x0000 0x0000000
254	2908.290c: *000000013f0c0000-000000013f0c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
255	2908.290c: 000000013f0c1000-000000013f144fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
256	2908.290c: 000000013f145000-000000013f145fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
257	2908.290c: 000000013f146000-000000013f183fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
258	2908.290c: 000000013f184000-000000013f18dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
259	2908.290c: 000000013f18e000-000000013f1c6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
260	2908.290c: 000000013f1c7000-fffff8037e6cdfff 0x0001/0x0000 0x0000000
261	2908.290c: *000007feffcc0000-000007feffcc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
262	2908.290c: 000007feffcc1000-000007fdff9d1fff 0x0001/0x0000 0x0000000
263	2908.290c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
264	2908.290c: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000
265	2908.290c: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000
266	2908.290c: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000
267	2908.290c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
268	2908.290c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
269	2908.290c: supR3HardNtChildPurify: Done after 1175 ms and 1 fixes (loop #1).
270	2908.290c: supR3HardNtEnableThreadCreation:
271	2944.2948: Log file opened: 4.2.30r100415 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
272	2944.2948: supR3HardenedVmProcessInit: uNtDllAddr=00000000779a0000
273	2944.2948: ntdll.dll: timestamp 0x5507b864 (rc=VINF_SUCCESS)
274	2944.2948: New simple heap: #1 0000000000280000 LB 0x400000 (for 1736704 allocation)
275	2944.2948: System32: \Device\HarddiskVolume1\Windows\System32
276	2944.2948: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
277	2944.2948: KnownDllPath: C:\Windows\system32
278	2944.2948: supR3HardenedVmProcessInit: Opening vboxdrv stub...
279	2944.2948: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
280	2944.2948: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
281	2944.2948: Registered Dll notification callback with NTDLL.
282	2944.2948: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
283	2944.2948: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
284	2944.2948: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
285	2944.2948: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
286	2944.2948: supR3HardenedDllNotificationCallback: load 0000000077880000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
287	2944.2948: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
288	2944.2948: supR3HardenedDllNotificationCallback: load 000007fefd9c0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
289	2944.2948: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
290	2944.2948: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
291	2944.2948: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077880000 'C:\Windows\system32\kernel32.dll'
292	2944.2948: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000779cb690 pvNtTerminateThread=00000000779ee100
293	2908.290c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 60 ms.
294	2944.2948: \SystemRoot\System32\ntdll.dll:
295	2944.2948: CreationTime: 2015-04-27T04:23:01.494643100Z
296	2944.2948: LastWriteTime: 2015-03-17T05:19:37.641771700Z
297	2944.2948: ChangeTime: 2015-07-02T13:04:37.739428500Z
298	2944.2948: FileAttributes: 0x20
299	2944.2948: Size: 0x1a5da0
300	2944.2948: NT Headers: 0xe0
301	2944.2948: Timestamp: 0x5507b864
302	2944.2948: Machine: 0x8664 - amd64
303	2944.2948: Timestamp: 0x5507b864
304	2944.2948: Image Version: 6.1
305	2944.2948: SizeOfImage: 0x1a8000 (1736704)
306	2944.2948: Resource Dir: 0x14c000 LB 0x5a028
307	2944.2948: ProductName: Microsoft® Windows® Operating System
308	2944.2948: ProductVersion: 6.1.7601.18798
309	2944.2948: FileVersion: 6.1.7601.18798 (win7sp1_gdr.150316-1654)
310	2944.2948: FileDescription: NT Layer DLL
311	2944.2948: \SystemRoot\System32\kernel32.dll:
312	2944.2948: CreationTime: 2015-06-17T05:27:08.277509700Z
313	2944.2948: LastWriteTime: 2015-05-09T03:26:36.862000000Z
314	2944.2948: ChangeTime: 2015-07-02T13:04:37.769442600Z
315	2944.2948: FileAttributes: 0x20
316	2944.2948: Size: 0x11be00
317	2944.2948: NT Headers: 0xe8
318	2944.2948: Timestamp: 0x554d7df0
319	2944.2948: Machine: 0x8664 - amd64
320	2944.2948: Timestamp: 0x554d7df0
321	2944.2948: Image Version: 6.1
322	2944.2948: SizeOfImage: 0x11f000 (1175552)
323	2944.2948: Resource Dir: 0x116000 LB 0x528
324	2944.2948: ProductName: Microsoft® Windows® Operating System
325	2944.2948: ProductVersion: 6.1.7601.18847
326	2944.2948: FileVersion: 6.1.7601.18847 (win7sp1_gdr.150508-1512)
327	2944.2948: FileDescription: Windows NT BASE API Client DLL
328	2944.2948: \SystemRoot\System32\KernelBase.dll:
329	2944.2948: CreationTime: 2015-06-17T05:27:08.424509700Z
330	2944.2948: LastWriteTime: 2015-05-09T03:26:36.862000000Z
331	2944.2948: ChangeTime: 2015-07-02T13:04:37.789452000Z
332	2944.2948: FileAttributes: 0x20
333	2944.2948: Size: 0x67c00
334	2944.2948: NT Headers: 0xe8
335	2944.2948: Timestamp: 0x554d7df1
336	2944.2948: Machine: 0x8664 - amd64
337	2944.2948: Timestamp: 0x554d7df1
338	2944.2948: Image Version: 6.1
339	2944.2948: SizeOfImage: 0x6c000 (442368)
340	2944.2948: Resource Dir: 0x6a000 LB 0x530
341	2944.2948: ProductName: Microsoft® Windows® Operating System
342	2944.2948: ProductVersion: 6.1.7601.18847
343	2944.2948: FileVersion: 6.1.7601.18847 (win7sp1_gdr.150508-1512)
344	2944.2948: FileDescription: Windows NT BASE API Client DLL
345	2944.2948: \SystemRoot\System32\apisetschema.dll:
346	2944.2948: CreationTime: 2015-04-27T04:23:09.731443100Z
347	2944.2948: LastWriteTime: 2015-03-17T05:11:07.952000000Z
348	2944.2948: ChangeTime: 2015-07-02T13:04:37.794454400Z
349	2944.2948: FileAttributes: 0x20
350	2944.2948: Size: 0x1a00
351	2944.2948: NT Headers: 0xc0
352	2944.2948: Timestamp: 0x5507b7b1
353	2944.2948: Machine: 0x8664 - amd64
354	2944.2948: Timestamp: 0x5507b7b1
355	2944.2948: Image Version: 6.1
356	2944.2948: SizeOfImage: 0x50000 (327680)
357	2944.2948: Resource Dir: 0x30000 LB 0x3f8
358	2944.2948: ProductName: Microsoft® Windows® Operating System
359	2944.2948: ProductVersion: 6.1.7601.18798
360	2944.2948: FileVersion: 6.1.7601.18798 (win7sp1_gdr.150316-1654)
361	2944.2948: FileDescription: ApiSet Schema DLL
362	2944.2948: NtOpenDirectoryObject failed on \Driver: 0xc0000022
363	2944.2948: supR3HardenedWinFindAdversaries: 0x2020
364	2944.2948: \SystemRoot\System32\drivers\mfeapfk.sys:
365	2944.2948: CreationTime: 2014-08-20T16:14:00.261285700Z
366	2944.2948: LastWriteTime: 2014-08-20T16:12:49.777254200Z
367	2944.2948: ChangeTime: 2015-07-02T13:04:37.851482300Z
368	2944.2948: FileAttributes: 0x20
369	2944.2948: Size: 0x2c030
370	2944.2948: NT Headers: 0xe8
371	2944.2948: Timestamp: 0x52ab7fef
372	2944.2948: Machine: 0x8664 - amd64
373	2944.2948: Timestamp: 0x52ab7fef
374	2944.2948: Image Version: 0.0
375	2944.2948: SizeOfImage: 0x29d00 (171264)
376	2944.2948: Resource Dir: 0x29500 LB 0x340
377	2944.2948: ProductName: SYSCORE
378	2944.2948: FileVersion: SYSCORE.15.1.0.656
379	2944.2948: PrivateBuild: SYSCORE.15.1.0.656 F16
380	2944.2948: FileDescription: Access Protection Filter Driver
381	2944.2948: \SystemRoot\System32\drivers\mfeavfk.sys:
382	2944.2948: CreationTime: 2014-08-20T16:13:59.450239300Z
383	2944.2948: LastWriteTime: 2014-08-20T16:12:49.945263800Z
384	2944.2948: ChangeTime: 2015-07-02T13:04:37.911510500Z
385	2944.2948: FileAttributes: 0x20
386	2944.2948: Size: 0x4c130
387	2944.2948: NT Headers: 0xf0
388	2944.2948: Timestamp: 0x52ab8004
389	2944.2948: Machine: 0x8664 - amd64
390	2944.2948: Timestamp: 0x52ab8004
391	2944.2948: Image Version: 0.0
392	2944.2948: SizeOfImage: 0x49b00 (301824)
393	2944.2948: Resource Dir: 0x48d00 LB 0x718
394	2944.2948: ProductName: SYSCORE
395	2944.2948: FileVersion: SYSCORE.15.1.0.656
396	2944.2948: PrivateBuild: SYSCORE.15.1.0.656 F15,F16,F19
397	2944.2948: FileDescription: Anti-Virus File System Filter Driver
398	2944.2948: \SystemRoot\System32\drivers\mfefirek.sys:
399	2944.2948: CreationTime: 2014-08-20T16:21:46.648961500Z
400	2944.2948: LastWriteTime: 2013-12-17T04:56:26.000000000Z
401	2944.2948: ChangeTime: 2015-07-02T13:04:37.961532500Z
402	2944.2948: FileAttributes: 0x20
403	2944.2948: Size: 0x7ef78
404	2944.2948: NT Headers: 0xf0
405	2944.2948: Timestamp: 0x52ab8072
406	2944.2948: Machine: 0x8664 - amd64
407	2944.2948: Timestamp: 0x52ab8072
408	2944.2948: Image Version: 0.0
409	2944.2948: SizeOfImage: 0x7c480 (509056)
410	2944.2948: Resource Dir: 0x79b00 LB 0x350
411	2944.2948: ProductName: SYSCORE
412	2944.2948: FileVersion: SYSCORE.15.1.0.656
413	2944.2948: PrivateBuild: SYSCORE.15.1.0.656 F17,F18
414	2944.2948: FileDescription: McAfee Core Firewall Engine Driver
415	2944.2948: \SystemRoot\System32\drivers\mfehidk.sys:
416	2944.2948: CreationTime: 2014-08-20T16:13:56.755085100Z
417	2944.2948: LastWriteTime: 2014-08-20T16:12:50.455293000Z
418	2944.2948: ChangeTime: 2015-07-02T10:47:48.983398300Z
419	2944.2948: FileAttributes: 0x20
420	2944.2948: Size: 0xbf278
421	2944.2948: NT Headers: 0xf0
422	2944.2948: Timestamp: 0x52ab7fc4
423	2944.2948: Machine: 0x8664 - amd64
424	2944.2948: Timestamp: 0x52ab7fc4
425	2944.2948: Image Version: 0.0
426	2944.2948: SizeOfImage: 0xbc180 (770432)
427	2944.2948: Resource Dir: 0xb9b80 LB 0x348
428	2944.2948: ProductName: SYSCORE
429	2944.2948: FileVersion: SYSCORE.15.1.0.656
430	2944.2948: PrivateBuild: SYSCORE.15.1.0.656 F14,F15,F16,F18,F20
431	2944.2948: FileDescription: McAfee Link Driver
432	2944.2948: \SystemRoot\System32\drivers\mfewfpk.sys:
433	2944.2948: CreationTime: 2014-08-20T16:13:01.926949100Z
434	2944.2948: LastWriteTime: 2014-08-20T16:12:51.184334700Z
435	2944.2948: ChangeTime: 2015-07-02T10:47:49.201798300Z
436	2944.2948: FileAttributes: 0x20
437	2944.2948: Size: 0x54070
438	2944.2948: NT Headers: 0xf0
439	2944.2948: Timestamp: 0x52ab7fd3
440	2944.2948: Machine: 0x8664 - amd64
441	2944.2948: Timestamp: 0x52ab7fd3
442	2944.2948: Image Version: 0.0
443	2944.2948: SizeOfImage: 0x51980 (334208)
444	2944.2948: Resource Dir: 0x50e80 LB 0x348
445	2944.2948: ProductName: SYSCORE
446	2944.2948: FileVersion: SYSCORE.15.1.0.656
447	2944.2948: PrivateBuild: SYSCORE.15.1.0.656 F17,F18
448	2944.2948: FileDescription: Anti-Virus Mini-Firewall Driver
449	2944.2948: \SystemRoot\System32\drivers\dgmaster.sys:
450	2944.2948: CreationTime: 2014-08-20T16:23:57.605451800Z
451	2944.2948: LastWriteTime: 2013-06-11T08:34:28.000000000Z
452	2944.2948: ChangeTime: 2014-08-20T16:23:57.885467800Z
453	2944.2948: FileAttributes: 0x20
454	2944.2948: Size: 0x1556f0
455	2944.2948: NT Headers: 0x108
456	2944.2948: Timestamp: 0x51b766a9
457	2944.2948: Machine: 0x8664 - amd64
458	2944.2948: Timestamp: 0x51b766a9
459	2944.2948: Image Version: 6.1
460	2944.2948: SizeOfImage: 0x16a000 (1482752)
461	2944.2948: Resource Dir: 0x12d000 LB 0x35f80
462	2944.2948: Calling main()
463	2944.2948: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
464	2944.2948: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
465	2944.2948: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
466	2944.2948: SUPR3HardenedMain: Respawn #2
467	2944.2948: supR3HardNtEnableThreadCreation:
468	2944.2948: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
469	2944.2948: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
470	2944.2948: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
471	2944.2948: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
472	2944.2948: supR3HardenedDllNotificationCallback: load 000007fefd590000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
473	2944.2948: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
474	2944.2948: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd590000 'C:\Windows\system32\apphelp.dll'
475	2944.2948: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000779cb690 pvNtTerminateThread=00000000779ee100
476	2944.2948: supR3HardenedWinDoReSpawn(2): New child 29ac.29b0 [kernel32].
477	2944.2948: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdd000 cbPeb=0x380
478	2944.2948: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000779a0000 uNtDllChildAddr=00000000779a0000
479	2944.2948: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000779cb690
480	2944.2948: supR3HardenedWinSetupChildInit: Start child.
481	2944.2948: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 30 ms.
482	2944.2948: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 51 sleeps
483	2944.2948: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
484	2944.2948: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
485	2944.2948: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
486	2944.2948: *0000000000030000-000000000002efff 0x0040/0x0040 0x0020000 !!
487	2944.2948: supHardNtVpFreeOrReplacePrivateExecMemory: Replacing exec mem at 0000000000030000 (LB 0x1000, 0000000000030000 LB 0x1000)
488	2944.2948: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [0000000000030000/0000000000030000 LB 0/0x1000]
489	2944.2948: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/0000000000030000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001
490	2944.2948: Error (rc=-5673):
491	2944.2948: NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details

Download in other formats:

Original Format