Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Win11 Signal Desktop connectivity permanently lost on network change | WSALookupServiceBegin() -> WSASYSNOTREADY (10091) #2530

Closed
Animadei opened this issue Dec 13, 2022 · 9 comments
Closed

Win11 Signal Desktop connectivity permanently lost on network change | WSALookupServiceBegin() -> WSASYSNOTREADY (10091) #2530

Animadei opened this issue Dec 13, 2022 · 9 comments
Labels
already fixed Already fixed at some point Issue reproduced Issue reproduced without uncertainties Win 11 Windows 11 issues Workaround Temporary or alternative solution

Comments

@Animadei
Copy link

Animadei commented Dec 13, 2022
edited by isaak654
Loading

Describe what you noticed and did

  1. To run the program either add "--disable-gpu" to the command-line or enable the "force usage of custom dummy Manifest files" option.
  2. Run Signal Desktop on Win11 and re-enable the network adapter or connect/disconnect from the VPN.
  3. Signal Desktop will report a network connectivity issue but will stay offline until the program is terminated and restarted.
  4. Note: The issue does not happen in Win10.

How often did you encounter it so far?

100% reproducible

Affected program

Signal Desktop

Download link

https://signal.org/download/

Where is the program located?

The program is installed only inside a sandbox (NOT in the real system anyway).

Expected behavior

Signal Desktop should reconnect to the Internet whenever the network adapter has Internet.

The issue is probably related to inaccessibility to the Network Location Awareness service from within the Sandboxie container. Running the example code from https://www.winsocketdotnetworkprogramming.com/winsock2programming/winsock2advancednsrnr8f.html outside of Sandboxie enumerates the network adapter states (querying NS_NLA) but when run from within Sandboxie prints out:

WSAStartup() should be OK!
WSALookupServiceBegin() failed with error 10091

The error 10091 is WSASYSNOTREADY from https://learn.microsoft.com/en-us/windows/win32/winsock/querying-nla-2 says "The NLA service is unavailable to process the request.".

The NLA service provides the network connectivity status indicator (NCSI) for each network adapter and it is what Google Chromium and all derivative platforms like Electron.js use to determine when the Internet is online and offline.

Went down the rabbit hole of Signal>Electron.js>Node.js>Chromium and discovered that we can enable logging on all these applications by running the programs from command-line and adding the command-line parameters "--enable-logging --v=1" to force debug log output.

From the good case that was run outside Sandboxie:

  • When the network adapter is disabled the output shows:
[24504:1608:1209/123934.272:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[24504:1608:1209/123935.267:VERBOSE1:logging_network_change_observer.cc(103)] Observed a change to network connectivity state CONNECTION_UNKNOWN
[24504:1608:1209/123936.780:VERBOSE1:logging_network_change_observer.cc(116)] Observed a network change to state CONNECTION_NONE
[24504:1608:1209/123936.789:VERBOSE1:logging_network_change_observer.cc(116)] Observed a network change to state CONNECTION_UNKNOWN
  • When the network adapter is then re-enabled the output shows:
[24504:1608:1209/124132.977:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[24504:1608:1209/124133.971:VERBOSE1:logging_network_change_observer.cc(103)] Observed a change to network connectivity state CONNECTION_UNKNOWN
[24504:1608:1209/124134.476:VERBOSE1:logging_network_change_observer.cc(116)] Observed a network change to state CONNECTION_NONE
[24504:1608:1209/124134.476:VERBOSE1:logging_network_change_observer.cc(116)] Observed a network change to state CONNECTION_UNKNOWN

According Chromium's network_change_notifier.cc source we can see that CONNECTION_UNKNOWN is treated as there may be Internet but the last state set to CONNECTION_NONE is the only time when Chromium is certain there's no network.

Let's take a look at a bad case run from inside Sandboxie:

  • When the network adapter is disabled the output shows:
[6056:22596:1209/122612.410:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122613.420:VERBOSE1:logging_network_change_observer.cc(103)] Observed a change to network connectivity state CONNECTION_NONE
[6056:22596:1209/122614.926:VERBOSE1:logging_network_change_observer.cc(116)] Observed a network change to state CONNECTION_NONE
  • When the network adapter is then re-enabled the output shows:
[6056:22596:1209/122705.556:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122708.682:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122708.711:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122708.840:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122712.330:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122712.778:VERBOSE1:logging_network_change_observer.cc(93)] Observed a change to the network IP addresses
[6056:22596:1209/122734.074:VERBOSE1:logging_network_change_observer.cc(103)] Observed a change to network connectivity state CONNECTION_NONE

Any Google Chromium based application will inherent the same problem. The Chrome extension called "Offline Checker" will gray out any loaded web page when it detects a loss of Internet connectivity. The loss is triggered when reconnecting the Ethernet or VPN. The same does not occur when running browsers outside of Sandboxie.

The above points to some issue with Sandboxie cutting off access to the Network Location Awareness service so will need your help to have a look what could be the cause from the filtering aspects. I tried enabling "Disable Security Isolation" and "Disable Security Filtering" and all options available but no options worked.

What is your Windows edition and version?

Win11 2H22

In which Windows account you have this problem?

A local or Microsoft account without special changes.

Please mention any installed security software

None

What version of Sandboxie are you running?

Sandboxie Plus 1.5.3

Is it a new installation of Sandboxie?

I recently did a new clean installation.

Is it a regression?

No response

In which sandbox type you have this problem?

In a standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on an empty sandbox?

I can confirm it also on an empty sandbox.

Did you previously enable some security policy settings outside Sandboxie?

No.

Crash dump

No response

Trace log

No response

Sandboxie.ini configuration

[GlobalSettings]
NetworkEnableWFP=y
FileRootPath=\??\%SystemDrive%\Sandbox\%USER%\%SANDBOX%
KeyRootPath=\REGISTRY\USER\Sandbox_%USER%_%SANDBOX%
IpcRootPath=\Sandbox\%USER%\%SANDBOX%\Session_%SESSION%
Template=WindowsLive
Template=SynapticsTouchPad
Template=OfficeLicensing
Template=OfficeClickToRun
Template=LogitechSetPoint
Template=Edge_Fix

[UserSettings_051A0150]
SbieCtrl_AutoStartAgent=SandMan.exe
SbieCtrl_EnableAutoStart=y

[Default Box]
Enabled=y
BlockNetworkFiles=y
RecoverFolder=%{374DDE12-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Desktop%
RecoverFolder=%Personal%
BorderColor=#00ffff,ttl,6
Template=AutoRecoverIgnore
Template=LingerPrograms
Template=BlockPorts
Template=qWave
Template=FileCopy
Template=SkipHook
Template=OpenBluetooth
ConfigLevel=9
AutoRecover=y
BoxNameTitle=n
ClosePrintSpooler=y
CopyLimitKb=-1
AllowNetworkAccess=<BlockNetAccess>,n
ClosedFilePath=<BlockNetDevices>,InternetAccessDevices
NeverDelete=y
DblClickAction=C:\Users\user\AppData\Local\Programs\signal-desktop\Signal.exe --disable-gpu
RunCommand=Signal|C:\Users\user\AppData\Local\Programs\signal-desktop\Signal.exe --disable-gpu
@Animadei Animadei added the Confirmation pending Further confirmation is requested label Dec 13, 2022
@OrangeLion84
Copy link

Spotify faces similar problems.
I get stuck frequently in Offline Mode whenever the connection drops and reconnects and sometimes when PC wakes from sleep.

@Animadei
Copy link
Author

Spotify uses Chromium Embedded Framework so your example adds to the confirmation that all Chromium based applications are affected.
https://www.spotify.com/us/opensource/

@DavidXanatos DavidXanatos added High priority To be done as soon as possible fixed in next build Fixed in the next Sandboxie version Issue reproduced Issue reproduced without uncertainties Workaround Temporary or alternative solution and removed Confirmation pending Further confirmation is requested High priority To be done as soon as possible labels Dec 15, 2022
@DavidXanatos
Copy link
Member

DavidXanatos commented Dec 20, 2022
edited by isaak654
Loading

Windows 11 requires the following RPC interface to be available:

Sandboxie/Sandboxie/install/Templates.ini

Lines 3459 to 3462 in 18f9354

# windows 11 NLA
RpcPortBinding=nlansp_c.dll,'ncalrpc:',Resolve=NetworkProfiles,TimeOut=y
RpcPortBindingIfId=NetworkProfiles,{3F787932-3452-4363-8651-6EA97BB373BB}
#RpcPortBindingSvc=NetworkProfiles,netprofm

@Animadei
Copy link
Author

The workaround .ini settings didn't work. Installed the latest Sandboxie-Plus v1.6.3 and doesn't work either.

Errors picked out:

23:23:35.645	nla.exe	15160	36088	Rpc (U)	Trace 		Failed to resolve dynamic port: NetworkProfiles; status: C0000225
...
23:23:35.646	SandboxieRpcSs.exe	21492	24884	Key (U)		\registry\machine\Software\Microsoft\Windows\CurrentVersion\NetworkServiceTriggers\Triggers\bc90d167-9470-4139-a9ba-be0bbbf5b74d\3f787932-3452-4363-8651-6ea97bb373bb
...
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace (24) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)

Full trace log:

23:23:20.876	SandboxieRpcSs.exe	21492	33488	Debug (U)	Trace (2) 		SetError: 997  (Overlapped I/O operation is in progress.)
23:23:35.622	cmd.exe	18900	34836	File (U)		\Device\HarddiskVolume1\
23:23:35.622	cmd.exe	18900	34836	File (U)	(2) 	\Device\HarddiskVolume1\sample
23:23:35.622	cmd.exe	18900	34836	File (U)		\Device\HarddiskVolume1\Windows\System32\cmd.exe
23:23:35.622	cmd.exe	18900	34836	File (U)		\Device\HarddiskVolume1\sample\nla.exe
23:23:35.622	cmd.exe	18900	34836	Debug (U)	Trace (6) 		SetError: 193
23:23:35.622	cmd.exe	18900	34836	Ipc (D)	Open Trace 	$:nla.exe	(TA) 001FFFFF 015160
23:23:35.622	cmd.exe	18900	34836	Ipc (D)	Open Trace 	$:nla.exe	(PA) 001FFFFF 015160
23:23:35.622	cmd.exe	18900	34836	Debug (U)	Trace (7) 		SetError: 193
23:23:35.622	cmd.exe	18900	34836	Key (U)		\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
23:23:35.622	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.622	cmd.exe	18900	34836	Key (U)		\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
23:23:35.622	cmd.exe	18900	34836	Debug (U)	Trace (6) 		SetError: 193
23:23:35.622	cmd.exe	18900	34836	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
23:23:35.622	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.622	cmd.exe	18900	34836	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
23:23:35.622	cmd.exe	18900	34836	Debug (U)	Trace (10) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\Registry\MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (9) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (6) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	File (U)		\Device\HarddiskVolume1\WINDOWS\AppPatch\sysmain.sdb
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (6) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (3) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (9) 		SetError: 193
23:23:35.623	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.623	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (7) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (6) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (8) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (7) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (5) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (6) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (8) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	File (U)		\Device\HarddiskVolume1\WINDOWS\apppatch\MergeSdbFilesSource\sysMerge.sdb
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (14) 		SetError: 193
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace 		CreateProcess: C:\sample\nla.exe (C:\sample\nla.exe); err=0
23:23:35.624	cmd.exe	18900	34836	Debug (U)	Trace (3) 		SetError: 193
23:23:35.624	nla.exe	15160	36088	Ipc / Section (D)	Open 	\KnownDlls\kernel32.dll	(IA) 0000000D
23:23:35.624	nla.exe	15160	36088	Ipc / Section (D)	Open 	\KnownDlls\kernelbase.dll	(IA) 0000000D
23:23:35.624	nla.exe	15160	36088	Ipc / Section (D)	Open 	\Sessions\1\Windows\SharedSection	(IA) 00000004
23:23:35.624	nla.exe	15160	36088	Ipc / ALPC Port (D)	Open 	\Sessions\1\Windows\ApiPort	(IA) 001F0001
23:23:35.624	nla.exe	15160	36088	SysCall / \Sessions\1\Windows\ApiPort (D)	Open 	ConnectPort	status = 0x0, handle = 60
23:23:35.624	nla.exe	15160	36088	Ipc / Mutant (D)	Open 	\Sessions\1\BaseNamedObjects\SM0:15160:304:WilStaging_02	(IA) 001F0001
23:23:35.624	nla.exe	15160	36088	Ipc / Semaphore (D)	Open 	\Sessions\1\BaseNamedObjects\SM0:15160:304:WilStaging_02_p0	(IA) 001F0003
23:23:35.624	nla.exe	15160	36088	Ipc / Semaphore (D)	Open 	\Sessions\1\BaseNamedObjects\SM0:15160:304:WilStaging_02_p0h	(IA) 001F0003
23:23:35.624	nla.exe	15160	36088	Ipc / Section (D)	Open 	\KnownDlls\PSAPI.DLL	(IA) 0000000D
23:23:35.624	nla.exe	15160	36088	Debug (U)	Trace 		SbieDll injected...
23:23:35.624	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 183  (Cannot create a file when that file already exists.)
23:23:35.624	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 2  (The system cannot find the file specified.)
23:23:35.624	nla.exe	15160	36088	Debug (U)	Trace (10) 		SetError: 126  (The specified module could not be found.)
23:23:35.624	nla.exe	15160	36088	Ipc / SymbolicLink (U)		\GLOBAL??\C:
23:23:35.624	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 126  (The specified module could not be found.)
23:23:35.626	nla.exe	15160	36088	Ipc (U)		\Device\HarddiskVolume1
23:23:35.626	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 126  (The specified module could not be found.)
23:23:35.626	nla.exe	15160	36088	Ipc (U)		\Device
23:23:35.626	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 126  (The specified module could not be found.)
23:23:35.626	nla.exe	15160	36088	Drive (U)		\Device\HarddiskVolume1
23:23:35.626	nla.exe	15160	36088	Debug (U)	Trace (69) 		SetError: 126  (The specified module could not be found.)
23:23:35.627	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.627	nla.exe	15160	36088	Debug (U)	Trace (64) 		SetError: 2  (The system cannot find the file specified.)
23:23:35.628	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\nla.exe.mun
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 15106  (User stopped resource enumeration.)
23:23:35.628	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\nla.exe.config
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 2  (The system cannot find the file specified.)
23:23:35.628	nla.exe	15160	36088	Ipc / ALPC Port (U)	Open 	\RPC Control\SbieSvcPort
23:23:35.628	nla.exe	15160	36088	Ipc / ALPC Port (D)	Open 	\RPC Control\SbieSvcPort	(IA) 001F0001
23:23:35.628	nla.exe	15160	36088	SysCall / \RPC Control\SbieSvcPort (D)	Open 	ConnectPort	status = 0x0, handle = AC
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 1177424384
23:23:35.628	nla.exe	15160	36088	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\software\SandboxAutoExec
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (2) 		SetError: 1177424384
23:23:35.628	nla.exe	15160	36088	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\software\SandboxAutoExec
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 1177424384
23:23:35.628	nla.exe	15160	36088	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\software\SandboxAutoExec
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (8) 		SetError: 1177424384
23:23:35.628	nla.exe	15160	36088	Ipc (U)		\Sessions\1\BaseNamedObjects\SboxSession
23:23:35.628	nla.exe	15160	36088	Ipc / Event (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SboxSession	(IA) 001F0003
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 1177424384
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 183  (Cannot create a file when that file already exists.)
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 487  (Attempt to access invalid address.)
23:23:35.628	SandboxieRpcSs.exe	21492	28136	Ipc (D)	Trace 	$:nla.exe	(PA) 00100000 015160
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (2) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.628	nla.exe	15160	36088	Key (U)		\Registry\MACHINE\System\CurrentControlSet\Control\SafeBoot\Option
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.628	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\Srp\GP\DLL
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.628	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.628	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers
23:23:35.628	nla.exe	15160	36088	Debug (U)	Trace (8) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
23:23:35.629	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\FileSystem
23:23:35.629	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\FileSystem
23:23:35.629	nla.exe	15160	36088	Debug (U)	Trace (16) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\apphelp.dll
23:23:35.629	nla.exe	15160	36088	Debug (U)	Trace (10) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\apphelp.dll
23:23:35.629	nla.exe	15160	36088	Debug (U)	Trace (4) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\apphelp.dll
23:23:35.629	nla.exe	15160	36088	Debug (U)	Trace (7) 		SetError: 487  (Attempt to access invalid address.)
23:23:35.629	nla.exe	15160	36088	Image (U)			apphelp.dll (loaded)
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
23:23:35.629	nla.exe	15160	36088	Key (U)		\registry\machine\software\microsoft\Windows NT\CurrentVersion\AppCompatFlags
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\OSDATA\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
23:23:35.629	nla.exe	15160	36088	Key (U)		\registry\machine\software\microsoft\Windows NT\CurrentVersion\AppCompatFlags
23:23:35.629	nla.exe	15160	36088	File (U)	(3) 	\Device\HarddiskVolume1\sample\nla.exe
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\ntdll.dll
23:23:35.629	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\ntdll.dll
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\kernel32.dll
23:23:35.629	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\kernel32.dll
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\KERNELBASE.dll
23:23:35.629	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\psapi.dll
23:23:35.629	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\psapi.dll
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\AppPatch\sysmain.sdb
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
23:23:35.629	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\apppatch\MergeSdbFilesSource\sysMerge.sdb
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\nla.exe
23:23:35.629	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
23:23:35.629	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\nla.exe
23:23:35.630	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
23:23:35.630	nla.exe	15160	36088	Debug (U)	Trace (9) 		SetError: 2  (The system cannot find the file specified.)
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\nla.exe
23:23:35.630	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\WS2_32.dll
23:23:35.630	nla.exe	15160	36088	Ipc / Section (D)	Open 	\KnownDlls\WS2_32.dll	(IA) 0000000D
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\RPCRT4.dll
23:23:35.630	nla.exe	15160	36088	Ipc / Section (D)	Open 	\KnownDlls\rpcrt4.dll	(IA) 0000000D
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\VCRUNTIME140D.dll
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	Key (U)		\Registry\MACHINE\System\CurrentControlSet\Control\Session Manager
23:23:35.630	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\VCRUNTIME140D.dll
23:23:35.630	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\WINDOWS\SYSTEM32\VCRUNTIME140D.dll
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\WINDOWS\SYSTEM32\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\sample\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\RPCRT4.dll
23:23:35.630	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
23:23:35.630	nla.exe	15160	36088	Image (U)			RPCRT4.dll (loaded)
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\WS2_32.dll
23:23:35.630	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\ws2_32.dll
23:23:35.630	nla.exe	15160	36088	Image (U)			WS2_32.dll (loaded)
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\ucrtbased.dll
23:23:35.630	nla.exe	15160	36088	Image (U)			ucrtbased.dll (loaded)
23:23:35.630	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\VCRUNTIME140D.dll
23:23:35.630	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\vcruntime140d.dll
23:23:35.630	nla.exe	15160	36088	Image (U)			VCRUNTIME140D.dll (loaded)
23:23:35.630	nla.exe	15160	36088	Image (U)			nla.exe (loaded)
23:23:35.630	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\Nls\Sorting\Versions
23:23:35.630	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
23:23:35.630	nla.exe	15160	36088	Key (U)		\Registry\MACHINE\System\CurrentControlSet\Control\Session Manager
23:23:35.630	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager
23:23:35.630	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 126  (The specified module could not be found.)
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace 		SetError: 187  (The specified system semaphore name was not found.)
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 187  (The specified system semaphore name was not found.)
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace (11) 		SetError: 126  (The specified module could not be found.)
23:23:35.630	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\user32.dll
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.630	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\user32.dll	(IA) 0000000D
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace (12) 		SetError: 126  (The specified module could not be found.)
23:23:35.630	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\win32u.dll
23:23:35.630	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.631	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\win32u.dll	(IA) 0000000D
23:23:35.631	nla.exe	15160	31656	Debug (U)	Trace (14) 		SetError: 126  (The specified module could not be found.)
23:23:35.631	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\GDI32.dll
23:23:35.631	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.631	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\gdi32.dll	(IA) 0000000D
23:23:35.631	nla.exe	15160	31656	Debug (U)	Trace (12) 		SetError: 126  (The specified module could not be found.)
23:23:35.631	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\gdi32full.dll
23:23:35.631	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.631	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\gdi32full.dll	(IA) 0000000D
23:23:35.631	nla.exe	15160	31656	Debug (U)	Trace (12) 		SetError: 126  (The specified module could not be found.)
23:23:35.632	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\msvcp_win.dll
23:23:35.632	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.632	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\msvcp_win.dll	(IA) 0000000D
23:23:35.632	nla.exe	15160	31656	Debug (U)	Trace (12) 		SetError: 126  (The specified module could not be found.)
23:23:35.632	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\ucrtbase.dll
23:23:35.632	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.632	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\ucrtbase.dll	(IA) 0000000D
23:23:35.632	nla.exe	15160	31656	Debug (U)	Trace (14) 		SetError: 126  (The specified module could not be found.)
23:23:35.632	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\win32u.dll
23:23:35.632	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\win32u.dll
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\win32u.dll
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	Image (U)			win32u.dll (loaded)
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\ucrtbase.dll
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\ucrtbase.dll
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\ucrtbase.dll
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	Image (U)			ucrtbase.dll (loaded)
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 126  (The specified module could not be found.)
23:23:35.633	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\msvcp_win.dll
23:23:35.633	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.634	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\msvcp_win.dll
23:23:35.634	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.634	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\msvcp_win.dll
23:23:35.634	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.634	nla.exe	15160	31656	Image (U)			msvcp_win.dll (loaded)
23:23:35.634	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 126  (The specified module could not be found.)
23:23:35.634	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\gdi32full.dll
23:23:35.634	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.634	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\gdi32full.dll
23:23:35.634	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.634	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\gdi32full.dll
23:23:35.634	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	Image (U)			gdi32full.dll (loaded)
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\GDI32.dll
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\gdi32.dll
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\gdi32.dll
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	Image (U)			GDI32.dll (loaded)
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\user32.dll
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\user32.dll
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\user32.dll
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 127  (The specified procedure could not be found.)
23:23:35.635	nla.exe	15160	31656	Debug (U)	Trace (8) 		SetError: 5  (Access is denied.)
23:23:35.636	nla.exe	15160	31656	Ipc / ALPC Port (U)		\RPC Control\epmapper
23:23:35.636	nla.exe	15160	31656	Image (U)			user32.dll (loaded)
23:23:35.636	nla.exe	15160	31656	Debug (U)	Trace (10) 		SetError: 5  (Access is denied.)
23:23:35.636	nla.exe	15160	31656	File (U)	(2) 	\Device\HarddiskVolume1\WINDOWS\system32\IMM32.DLL
23:23:35.636	nla.exe	15160	31656	Debug (U)	Trace (15) 		SetError: 126  (The specified module could not be found.)
23:23:35.636	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\IMM32.DLL
23:23:35.636	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 126  (The specified module could not be found.)
23:23:35.636	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\IMM32.dll	(IA) 0000000D
23:23:35.636	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.636	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\IMM32.DLL
23:23:35.636	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.636	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\imm32.dll
23:23:35.636	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.637	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\imm32.dll
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.637	nla.exe	15160	31656	Image (U)			IMM32.DLL (loaded)
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 126  (The specified module could not be found.)
23:23:35.637	nla.exe	15160	31656	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\Error Message Instrument
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.637	nla.exe	15160	31656	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.637	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nla.exe
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace 		SetError: 126  (The specified module could not be found.)
23:23:35.637	nla.exe	15160	31656	Key (U)		\Registry\Machine\Software\Policies\Microsoft\Windows\Display
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.637	nla.exe	15160	31656	Key (U)		\Registry\Machine\Software\Policies\Microsoft\Windows\Display
23:23:35.637	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nla.exe
23:23:35.637	nla.exe	15160	31656	Key (U)	(2) 	\Registry\Machine\Software\Policies\Microsoft\Windows\Display
23:23:35.637	nla.exe	15160	31656	Ipc / ALPC Port (U)	Open 	\RPC Control\SbieSvcPort
23:23:35.637	nla.exe	15160	31656	Ipc / ALPC Port (D)	Open 	\RPC Control\SbieSvcPort	(IA) 001F0001
23:23:35.637	nla.exe	15160	31656	SysCall / \RPC Control\SbieSvcPort (D)	Open 	ConnectPort	status = 0x0, handle = 118
23:23:35.637	nla.exe	15160	31656	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
23:23:35.637	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
23:23:35.637	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nla.exe
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace (19) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.637	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\uxtheme.dll
23:23:35.637	nla.exe	15160	31656	Debug (U)	Trace (10) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.638	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
23:23:35.638	nla.exe	15160	31656	Debug (U)	Trace (4) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.638	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
23:23:35.638	nla.exe	15160	31656	Debug (U)	Trace (13) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.638	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\combase.dll
23:23:35.638	nla.exe	15160	31656	Debug (U)	Trace (7) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.638	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\combase.dll	(IA) 0000000D
23:23:35.638	nla.exe	15160	31656	Debug (U)	Trace (10) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\combase.dll
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\combase.dll
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\combase.dll
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	Image (U)			combase.dll (loaded)
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (2) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\system32\uxtheme.dll
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\Windows\System32\uxtheme.dll
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.639	nla.exe	15160	31656	Image (U)			uxtheme.dll (loaded)
23:23:35.639	nla.exe	15160	31656	Debug (U)	Trace (88) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.641	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE
23:23:35.641	nla.exe	15160	31656	Debug (U)	Trace (8) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.641	nla.exe	15160	31656	Key (U)		\registry\machine\SOFTWARE\Microsoft\OLE
23:23:35.641	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.641	nla.exe	15160	31656	Key (U)		\registry\machine\software\microsoft\ole
23:23:35.641	nla.exe	15160	31656	Debug (U)	Trace (12) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.641	nla.exe	15160	31656	Key (U)		\registry\machine\SOFTWARE\Microsoft\OLE
23:23:35.641	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.641	nla.exe	15160	31656	Key (U)		\registry\machine\software\microsoft\ole
23:23:35.641	nla.exe	15160	31656	Debug (U)	Trace (12) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.642	nla.exe	15160	31656	Key (U)		\registry\machine\SOFTWARE\Microsoft\OLE
23:23:35.642	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.642	nla.exe	15160	31656	Key (U)		\registry\machine\software\microsoft\ole
23:23:35.642	nla.exe	15160	31656	Debug (U)	Trace (58) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\machine
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (8) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\machine\Software\Microsoft\Ole\FeatureDevelopmentProperties
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (5) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\Registry\Machine\SOFTWARE\Microsoft\AppModel\Lookaside\machine
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (3) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\Registry\Machine\SOFTWARE\Microsoft\AppModel\Lookaside\user
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (6) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\machine\Software\Microsoft\Ole\FeatureDevelopmentProperties
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (8) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\machine\Software\Microsoft\Ole
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (3) 		SetError: 14007  (The requested lookup key was not found in any active activation context.)
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\machine\Software\Microsoft\OLE\Tracing
23:23:35.643	nla.exe	15160	31656	Debug (U)	Trace (9) 		SetError: 2  (The system cannot find the file specified.)
23:23:35.643	nla.exe	15160	31656	Ipc / ALPC Port (U)	Open 	\ThemeApiPort
23:23:35.643	nla.exe	15160	31656	Ipc / ALPC Port (D)	Open 	\ThemeApiPort	(IA) 001F0001
23:23:35.643	nla.exe	15160	31656	SysCall / \ThemeApiPort (D)	Open 	ConnectPort	status = 0x0, handle = 184
23:23:35.643	nla.exe	15160	31656	Key (U)		\REGISTRY\USER\S-1-5-21-2263723613-2119981982-6273626373-1001
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize
23:23:35.643	nla.exe	15160	31656	Key (U)		\registry\user\S-1-5-21-2263723613-2119981982-6273626373-1001\software\Microsoft\Windows\CurrentVersion\Themes\Personalize
23:23:35.643	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\MSCTF.dll
23:23:35.643	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\MSCTF.dll	(IA) 0000000D
23:23:35.643	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\msvcrt.dll
23:23:35.643	nla.exe	15160	31656	Ipc / Section (D)	Open 	\KnownDlls\MSVCRT.dll	(IA) 0000000D
23:23:35.643	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\msvcrt.dll
23:23:35.643	nla.exe	15160	31656	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
23:23:35.643	nla.exe	15160	31656	Image (U)			msvcrt.dll (loaded)
23:23:35.643	nla.exe	15160	31656	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\MSCTF.dll
23:23:35.643	nla.exe	15160	31656	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\msctf.dll
23:23:35.643	nla.exe	15160	31656	Image (U)			MSCTF.dll (loaded)
23:23:35.643	nla.exe	15160	31656	Key (U)		\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager
23:23:35.643	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager
23:23:35.643	nla.exe	15160	31656	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\Nls\CustomLocale
23:23:35.643	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale
23:23:35.643	nla.exe	15160	31656	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\Nls\ExtendedLocale
23:23:35.643	nla.exe	15160	31656	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale
23:23:35.643	nla.exe	15160	31656	Ipc / Section (U)	Open 	\Sessions\1\Windows\ThemeSection
23:23:35.643	nla.exe	15160	31656	Ipc / Section (D)	Open 	\Sessions\1\Windows\ThemeSection	(IA) 00000004
23:23:35.643	nla.exe	15160	31656	Ipc / Section (U)	Open 	\Windows\Theme828348082
23:23:35.643	nla.exe	15160	31656	Ipc / Section (D)	Open 	\Windows\Theme828348082	(IA) 00000004
23:23:35.643	nla.exe	15160	31656	Ipc / Section (U)	Open 	\Sessions\1\Windows\Theme1449707068
23:23:35.643	nla.exe	15160	31656	Ipc / Section (D)	Open 	\Sessions\1\Windows\Theme1449707068	(IA) 00000004
23:23:35.643	nla.exe	15160	36088	Ipc (U)		\Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_RpcSs
23:23:35.643	nla.exe	15160	36088	Ipc / Event (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_RpcSs	(IA) 001F0003
23:23:35.643	nla.exe	15160	36088	Debug (U)	Trace (6) 		SetError: 183  (Cannot create a file when that file already exists.)
23:23:35.643	nla.exe	15160	4840	Debug (U)	Trace 		SetError: 187  (The specified system semaphore name was not found.)
23:23:35.643	nla.exe	15160	4840	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:23:35.643	nla.exe	15160	4840	Debug (U)	Trace (3) 		SetError: 187  (The specified system semaphore name was not found.)
23:23:35.644	nla.exe	15160	4840	Key (U)		\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Services\DcomLaunch
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters
23:23:35.644	nla.exe	15160	4840	Ipc / Event (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_DcomLaunch	(IA) 001F0003
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog
23:23:35.644	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\AppId_Catalog\1D6533E6
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\0000000B
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000005
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000006
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000007
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000008
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000009
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000010
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000011
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000012
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000013
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000014
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\00000016
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000001
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000002
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000003
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000004
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000005
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000006
23:23:35.644	nla.exe	15160	36088	Key (U)	(2) 	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000007
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\Winsock2\Parameters
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\System\CurrentControlSet\Services\WinSock2\Parameters
23:23:35.644	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\nlansp_c.dll
23:23:35.644	nla.exe	15160	36088	File (U)	(3) 	\Device\HarddiskVolume1\WINDOWS\system32\nlansp_c.dll
23:23:35.644	nla.exe	15160	36088	File (U)	(2) 	\Device\HarddiskVolume1\Windows\System32\nlansp_c.dll
23:23:35.644	nla.exe	15160	36088	Image (U)			nlansp_c.dll (loaded)
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (6) 		SetError: 126  (The specified module could not be found.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\registry\machine\Software\Microsoft\Rpc
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 126  (The specified module could not be found.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Rpc
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 126  (The specified module could not be found.)
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\CurrentControlSet\Services\CCG
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\CurrentControlSet\Services\CCG
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\CurrentControlSet\Control\ComputerName\ActiveComputerName
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\Setup
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\Setup
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.644	nla.exe	15160	36088	Key (U)		\Registry\Machine\System\Setup
23:23:35.644	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.645	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\Setup
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.645	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nla.exe
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 203  (The system could not find the environment option that was entered.)
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (32) 		SetError: 1008  (An attempt was made to reference a token that does not exist.)
23:23:35.645	nla.exe	15160	36088	Key (U)		\registry\machine\Software\Policies\Microsoft\Windows NT\Rpc
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (6) 		SetError: 1008  (An attempt was made to reference a token that does not exist.)
23:23:35.645	nla.exe	15160	36088	Key (U)		\registry\machine\Software\Microsoft\Rpc
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 1008  (An attempt was made to reference a token that does not exist.)
23:23:35.645	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Rpc
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 1008  (An attempt was made to reference a token that does not exist.)
23:23:35.645	nla.exe	15160	36088	Rpc (U)	Trace 		Failed to resolve dynamic port: NetworkProfiles; status: C0000225
23:23:35.645	nla.exe	15160	36088	Rpc (U)	Trace 		StringBinding = 'ncalrpc:', wstrPortName = '', BindingHandle = 0x24C35C0, status = 0x00000000, timeout = 1, caller = 'nlansp_c.dll'
23:23:35.645	nla.exe	15160	36088	Rpc (U)	Trace 		Calling NdrClientCall3 UUID = {3F787932-3452-4363-8651-6EA97BB373BB}, 1.0, BindingHandle = 0x24C35C0 (0), caller = 'nlansp_c.dll'
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (2) 		SetError: 126  (The specified module could not be found.)
23:23:35.645	nla.exe	15160	36088	Rpc (U)	Trace 		StringBinding = 'ncalrpc:[epmapper]', wstrPortName = '', BindingHandle = 0x24C3ED0, status = 0x00000000, timeout = 1, caller = 'RPCRT4.dll'
23:23:35.645	nla.exe	15160	36088	Rpc (U)	Trace 		Calling NdrClientCall3 UUID = {E1AF8308-5D1F-11C9-91A4-08002B14A0FA}, 3.0, BindingHandle = 0x24C3ED0 (0), caller = 'RPCRT4.dll'
23:23:35.645	nla.exe	15160	36088	Ipc / ALPC Port (U)		\RPC Control\epmapper
23:23:35.645	nla.exe	15160	36088	Ipc (U)		\Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_RpcSs
23:23:35.645	nla.exe	15160	36088	Ipc / Event (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_RpcSs	(IA) 001F0003
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 183  (Cannot create a file when that file already exists.)
23:23:35.645	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Services\DcomLaunch
23:23:35.645	nla.exe	15160	36088	Debug (U)	Trace (3) 		SetError: 183  (Cannot create a file when that file already exists.)
23:23:35.646	nla.exe	15160	36088	Ipc / Event (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_DcomLaunch	(IA) 001F0003
23:23:35.646	SandboxieRpcSs.exe	21492	24884	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:23:35.646	SandboxieRpcSs.exe	21492	24884	SysCall (D)	Open 	AlpcAcceptConnectPort	status = 0x0, handle = 90E593A0
23:23:35.646	nla.exe	15160	36088	Ipc / ALPC Port (D)		\Sandbox\testuser\newprofile\Session_1\RPC Control\epmapper	(IA) 001F0001
23:23:35.646	nla.exe	15160	36088	SysCall / \Sandbox\testuser\newprofile\Session_1\RPC Control\epmapper (D)	Open 	AlpcConnectPort	status = 0x0, handle = FC
23:23:35.646	SandboxieRpcSs.exe	21492	4672	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:23:35.646	SandboxieRpcSs.exe	21492	24884	Key (U)		\registry\machine\Software\Microsoft\Windows\CurrentVersion\NetworkServiceTriggers\Triggers\bc90d167-9470-4139-a9ba-be0bbbf5b74d\3f787932-3452-4363-8651-6ea97bb373bb
23:23:35.646	nla.exe	15160	36088	Ipc (U)		\Sessions\1\BaseNamedObjects\Local\SM0:15160:120:WilError_03
23:23:35.646	nla.exe	15160	36088	Ipc / Mutant (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SM0:15160:120:WilError_03	(IA) 001F0001
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace (4) 		SetError: 2  (The system cannot find the file specified.)
23:23:35.646	nla.exe	15160	36088	Ipc (U)		\Sessions\1\BaseNamedObjects\Local\SM0:15160:120:WilError_03_p0
23:23:35.646	nla.exe	15160	36088	Ipc / Semaphore (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SM0:15160:120:WilError_03_p0	(IA) 001F0003
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace 		SetError: 2  (The system cannot find the file specified.)
23:23:35.646	nla.exe	15160	36088	Ipc (U)		\Sessions\1\BaseNamedObjects\Local\SM0:15160:120:WilError_03_p0h
23:23:35.646	nla.exe	15160	36088	Ipc / Semaphore (D)		\Sandbox\testuser\newprofile\Session_1\Sessions\1\BaseNamedObjects\SM0:15160:120:WilError_03_p0h	(IA) 001F0003
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace (24) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.646	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\System32\kernel.appcore.dll
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace (10) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.646	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\kernel.appcore.dll
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace (4) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.646	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\kernel.appcore.dll
23:23:35.646	nla.exe	15160	36088	Debug (U)	Trace (9) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.647	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\WINDOWS\SYSTEM32\kernel.appcore.dll
23:23:35.647	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.647	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\Windows\System32\kernel.appcore.dll
23:23:35.647	nla.exe	15160	36088	Debug (U)	Trace (6) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.647	nla.exe	15160	36088	File (U)		\Device\HarddiskVolume1\Windows\System32\kernel.appcore.dll
23:23:35.647	nla.exe	15160	36088	Debug (U)	Trace (5) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.647	nla.exe	15160	36088	Image (U)			kernel.appcore.dll (loaded)
23:23:35.647	nla.exe	15160	36088	Debug (U)	Trace (4) 		SetError: 10091  (WSAStartup cannot function at this time because the underlying system it uses to provide network services is currently unavailable.)
23:23:35.647	nla.exe	15160	36088	Debug (U)	Trace (9) 		SetError: 126  (The specified module could not be found.)
23:23:35.647	nla.exe	15160	36088	Key (U)		\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
23:23:35.647	nla.exe	15160	36088	Key (U)		\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
23:23:35.647	nla.exe	15160	36088	Debug (U)	Trace (38) 		SetError: 6  (The handle is invalid.)
23:23:35.648	cmd.exe	18900	34836	Debug (U)	Trace (2) 		SetError: 193
23:23:35.648	SandboxieRpcSs.exe	21492	8236	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:23:35.648	SandboxieRpcSs.exe	21492	8236	Debug (U)	Trace (5) 		SetError: 997  (Overlapped I/O operation is in progress.)
23:24:59.916	SandboxieDcomLaunch.exe	33184	36408	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:24:59.916	SandboxieRpcSs.exe	21492	35096	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:25:04.023	cmd.exe	18900	30144	Debug (U)	Trace 		SetError: 187  (The specified system semaphore name was not found.)
23:25:04.023	cmd.exe	18900	30144	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:25:04.023	cmd.exe	18900	30144	Debug (U)	Trace 		SetError: 187  (The specified system semaphore name was not found.)
23:25:34.901	SandboxieRpcSs.exe	21492	4672	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:26:01.083	SandboxieRpcSs.exe	21492	23048	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:26:41.944	SandboxieRpcSs.exe	21492	8236	Debug (U)	Trace (2) 		SetError: 997  (Overlapped I/O operation is in progress.)
23:26:41.944	SandboxieDcomLaunch.exe	33184	36408	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:27:48.955	SandboxieRpcSs.exe	21492	35096	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:28:02.063	SandboxieRpcSs.exe	21492	4672	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:29:59.907	SandboxieRpcSs.exe	21492	19812	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)
23:29:59.907	SandboxieDcomLaunch.exe	33184	35048	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:29:59.907	Unknown	28124	21144	Debug (U)	Trace (124114) 		SetError: 1008  (An attempt was made to reference a token that does not exist.)
23:30:04.020	cmd.exe	18900	11360	Debug (U)	Trace 		SetError: 187  (The specified system semaphore name was not found.)
23:30:04.034	cmd.exe	18900	11360	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:30:04.034	cmd.exe	18900	11360	Debug (U)	Trace 		SetError: 187  (The specified system semaphore name was not found.)
23:31:09.954	SandboxieRpcSs.exe	21492	4672	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:31:09.954	SandboxieDcomLaunch.exe	33184	35048	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:33:23.974	SandboxieRpcSs.exe	21492	19812	Debug (U)	Trace (2) 		SetError: 87  (The parameter is incorrect.)
23:34:05.093	SandboxieRpcSs.exe	21492	35640	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:36:06.088	SandboxieRpcSs.exe	21492	23848	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:38:07.145	SandboxieRpcSs.exe	21492	9700	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:40:08.136	SandboxieRpcSs.exe	21492	31972	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:44:10.103	SandboxieRpcSs.exe	21492	11220	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:46:11.106	SandboxieRpcSs.exe	21492	31576	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:48:12.161	SandboxieRpcSs.exe	21492	30668	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:50:13.147	SandboxieRpcSs.exe	21492	8636	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:54:15.177	SandboxieRpcSs.exe	21492	27284	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:56:16.139	SandboxieRpcSs.exe	21492	29432	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
23:58:17.164	SandboxieRpcSs.exe	21492	28904	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:00:18.168	SandboxieRpcSs.exe	21492	31812	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:04:20.200	SandboxieRpcSs.exe	21492	19592	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:06:21.178	SandboxieRpcSs.exe	21492	15012	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:08:22.206	SandboxieRpcSs.exe	21492	13884	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:10:23.252	SandboxieRpcSs.exe	21492	18120	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:14:25.259	SandboxieRpcSs.exe	21492	36360	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:16:26.260	SandboxieRpcSs.exe	21492	23944	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:18:27.244	SandboxieRpcSs.exe	21492	31240	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:20:28.288	SandboxieRpcSs.exe	21492	2200	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:24:30.294	SandboxieRpcSs.exe	21492	33496	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:26:31.286	SandboxieRpcSs.exe	21492	34824	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:28:32.292	SandboxieRpcSs.exe	21492	7172	Debug (U)	Trace (6) 		SetError: 87  (The parameter is incorrect.)
00:30:33.278	SandboxieRpcSs.exe	21492	31468	Debug (U)	Trace (4) 		SetError: 87  (The parameter is incorrect.)

@isaak654 isaak654 added Confirmation pending Further confirmation is requested and removed fixed in next build Fixed in the next Sandboxie version labels Dec 25, 2022
@isaak654 isaak654 reopened this Dec 25, 2022
@DavidXanatos
Copy link
Member

can anyone else confirm this? when I'm testing with signal the fix forks fine.

@DavidXanatos
Copy link
Member

@Animadei where did you get the nla.exe please provide the source so I can try it.

@offhub
Copy link
Collaborator

offhub commented Dec 25, 2022
edited
Loading

For me, it is working with the template changes. (Windows 11 22H2 22621.963 on VM)

noaudio.-.Copy.mp4

@DavidXanatos "where did you get the nla.exe please provide the source so I can try it."

https://www.winsocketdotnetworkprogramming.com/winsock2programming/winsock2advancednsrnr8f.html

Under the "Add the following source code."

@Animadei
Copy link
Author

Animadei commented Dec 26, 2022
edited
Loading

Thanks DavidXanatos and offhub. After offhub mentioned the same OS verison, I rebooted the machine once again and have confirmed the fix does work for both the NLA test from the winsock2advancednsrnr8f.html, Signal, and Chrome.

The NLA test has gotten past the original WSALookupServiceBegin() error as confirmed from this log:

WSAStartup() should be OK!
WSALookupServiceBegin() should be OK!
WSACreateEvent() should be fine!
Querying for Networks...

Network Name: l
Comment (if any): (null)
        NLA Data Type: NLA_CONNECTIVITY
                Network Type: Managed
                Internet connectivity: Yes
        NLA Data Type: NLA_INTERFACE
                Type: 71
                Speed: 588250000
                Adapter Name: {2808572F-19D0-4DBB-9695-524280C9500D}
No more data, exit...

Have no idea what happened except in the past 2 days I had a graphics BSOD that may have messed with the driver setup.

Consider the issue resolved unless it shows up again (let's hope not). Great software product and support. Thank you all, and Merry Christmas!

@isaak654 isaak654 added already fixed Already fixed at some point and removed Confirmation pending Further confirmation is requested labels Dec 26, 2022
@DavidXanatos
Copy link
Member

so we can close it?

@offhub offhub added the Win 11 Windows 11 issues label Jan 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
already fixed Already fixed at some point Issue reproduced Issue reproduced without uncertainties Win 11 Windows 11 issues Workaround Temporary or alternative solution
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@DavidXanatos @offhub @Animadei @isaak654 @OrangeLion84