VirtualBox

Ticket #16259: VBoxHardening5.1.10.log

File VBoxHardening5.1.10.log, 7.1 KB (added by Stevel, 8 years ago)

Hardening log of VirtualBox 5.1.10 and DG 7.3.0.0160

Line 
1c64.c68: Log file opened: 5.1.10r112026 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2c64.c68: \SystemRoot\System32\ntdll.dll:
3c64.c68: CreationTime: 2016-12-02T04:34:06.918875000Z
4c64.c68: LastWriteTime: 2016-10-07T15:35:29.838228900Z
5c64.c68: ChangeTime: 2016-12-02T12:25:01.387625000Z
6c64.c68: FileAttributes: 0x20
7c64.c68: Size: 0x1a7100
8c64.c68: NT Headers: 0xe0
9c64.c68: Timestamp: 0x57f7c06e
10c64.c68: Machine: 0x8664 - amd64
11c64.c68: Timestamp: 0x57f7c06e
12c64.c68: Image Version: 6.1
13c64.c68: SizeOfImage: 0x1aa000 (1744896)
14c64.c68: Resource Dir: 0x14e000 LB 0x5a028
15c64.c68: ProductName: Microsoft® Windows® Operating System
16c64.c68: ProductVersion: 6.1.7601.23569
17c64.c68: FileVersion: 6.1.7601.23569 (win7sp1_ldr.161007-0600)
18c64.c68: FileDescription: NT Layer DLL
19c64.c68: \SystemRoot\System32\kernel32.dll:
20c64.c68: CreationTime: 2016-12-02T04:34:03.653250000Z
21c64.c68: LastWriteTime: 2016-10-07T15:32:25.787000000Z
22c64.c68: ChangeTime: 2016-12-02T12:25:03.262625000Z
23c64.c68: FileAttributes: 0x20
24c64.c68: Size: 0x11c000
25c64.c68: NT Headers: 0xe0
26c64.c68: Timestamp: 0x57f7c0b3
27c64.c68: Machine: 0x8664 - amd64
28c64.c68: Timestamp: 0x57f7c0b3
29c64.c68: Image Version: 6.1
30c64.c68: SizeOfImage: 0x11f000 (1175552)
31c64.c68: Resource Dir: 0x116000 LB 0x528
32c64.c68: ProductName: Microsoft® Windows® Operating System
33c64.c68: ProductVersion: 6.1.7601.23569
34c64.c68: FileVersion: 6.1.7601.23569 (win7sp1_ldr.161007-0600)
35c64.c68: FileDescription: Windows NT BASE API Client DLL
36c64.c68: \SystemRoot\System32\KernelBase.dll:
37c64.c68: CreationTime: 2016-12-02T04:34:04.122000000Z
38c64.c68: LastWriteTime: 2016-10-07T15:32:25.802000000Z
39c64.c68: ChangeTime: 2016-12-02T12:25:03.262625000Z
40c64.c68: FileAttributes: 0x20
41c64.c68: Size: 0x66800
42c64.c68: NT Headers: 0xe8
43c64.c68: Timestamp: 0x57f7c0b4
44c64.c68: Machine: 0x8664 - amd64
45c64.c68: Timestamp: 0x57f7c0b4
46c64.c68: Image Version: 6.1
47c64.c68: SizeOfImage: 0x6a000 (434176)
48c64.c68: Resource Dir: 0x68000 LB 0x530
49c64.c68: ProductName: Microsoft® Windows® Operating System
50c64.c68: ProductVersion: 6.1.7601.23569
51c64.c68: FileVersion: 6.1.7601.23569 (win7sp1_ldr.161007-0600)
52c64.c68: FileDescription: Windows NT BASE API Client DLL
53c64.c68: \SystemRoot\System32\apisetschema.dll:
54c64.c68: CreationTime: 2016-12-02T04:33:58.637625000Z
55c64.c68: LastWriteTime: 2016-10-07T15:32:20.717000000Z
56c64.c68: ChangeTime: 2016-12-02T12:25:01.340750000Z
57c64.c68: FileAttributes: 0x20
58c64.c68: Size: 0x1a00
59c64.c68: NT Headers: 0xc0
60c64.c68: Timestamp: 0x57f7c04d
61c64.c68: Machine: 0x8664 - amd64
62c64.c68: Timestamp: 0x57f7c04d
63c64.c68: Image Version: 6.1
64c64.c68: SizeOfImage: 0x50000 (327680)
65c64.c68: Resource Dir: 0x30000 LB 0x3f8
66c64.c68: ProductName: Microsoft® Windows® Operating System
67c64.c68: ProductVersion: 6.1.7601.23569
68c64.c68: FileVersion: 6.1.7601.23569 (win7sp1_ldr.161007-0600)
69c64.c68: FileDescription: ApiSet Schema DLL
70c64.c68: Found driver dgmaster (0x2000)
71c64.c68: supR3HardenedWinFindAdversaries: 0x2000
72c64.c68: \SystemRoot\System32\drivers\dgmaster.sys:
73c64.c68: CreationTime: 2016-12-02T16:30:06.506835900Z
74c64.c68: LastWriteTime: 2016-12-02T02:31:46.000000000Z
75c64.c68: ChangeTime: 2016-12-02T16:30:06.584960900Z
76c64.c68: FileAttributes: 0x2020
77c64.c68: Size: 0x2505c0
78c64.c68: NT Headers: 0x108
79c64.c68: Timestamp: 0x5840dcd7
80c64.c68: Machine: 0x8664 - amd64
81c64.c68: Timestamp: 0x5840dcd7
82c64.c68: Image Version: 6.3
83c64.c68: SizeOfImage: 0x30a000 (3186688)
84c64.c68: Resource Dir: 0x2ca000 LB 0x35f48
85c64.c68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
86c64.c68: Calling main()
87c64.c68: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
88c64.c68: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
89c64.c68: SUPR3HardenedMain: Respawn #1
90c64.c68: System32: \Device\HarddiskVolume2\Windows\System32
91c64.c68: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
92c64.c68: KnownDllPath: C:\Windows\system32
93c64.c68: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
94c64.c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
95c64.c68: supR3HardNtEnableThreadCreation:
96c64.c68: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007710a360 pvNtTerminateThread=000000007712c260
97c64.c68: supR3HardenedWinDoReSpawn(1): New child c6c.c70 [kernel32].
98c64.c68: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdb000 cbPeb=0x380
99c64.c68: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770e0000 uNtDllChildAddr=00000000770e0000
100c64.c68: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007710a360
101c64.c68: supR3HardenedWinSetupChildInit: Start child.
102c64.c68: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 16 ms.
103c64.c68: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 33 sleeps
104c64.c68: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
105c64.c68: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
106c64.c68: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
107c64.c68: *0000000000030000-000000000002efff 0x0040/0x0040 0x0020000 !!
108c64.c68: supHardNtVpFreeOrReplacePrivateExecMemory: Replacing exec mem at 0000000000030000 (LB 0x1000, 0000000000030000 LB 0x1000)
109c64.c68: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [0000000000030000/0000000000030000 LB 0/0x1000]
110c64.c68: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/0000000000030000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001
111c64.c68: Error (rc=-5673):
112c64.c68: NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
113c64.c68: Error (rc=-5645):
114c64.c68: Too many virtual memory regions.
115
116c64.c68: Error (rc=-5673):
117c64.c68: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
118[rc=-5645] Too many virtual memory regions.
119c64.c68: Error -5673 in supR3HardNtChildPurify! (enmWhat=5)
120c64.c68: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details
121[rc=-5645] Too many virtual memory regions.
122c64.c68: supR3HardNtEnableThreadCreation:

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette