15d8.15bc: Log file opened: 5.2.20r125813 g_hStartupLog=0000000000000020 g_uNtVerCombined=0x611db110 15d8.15bc: \SystemRoot\System32\ntdll.dll: 15d8.15bc: CreationTime: 2018-10-10T05:48:06.711103400Z 15d8.15bc: LastWriteTime: 2018-09-09T01:01:09.217925500Z 15d8.15bc: ChangeTime: 2018-10-10T05:57:03.131384000Z 15d8.15bc: FileAttributes: 0x20 15d8.15bc: Size: 0x196540 15d8.15bc: NT Headers: 0xe0 15d8.15bc: Timestamp: 0x5b9470be 15d8.15bc: Machine: 0x8664 - amd64 15d8.15bc: Timestamp: 0x5b9470be 15d8.15bc: Image Version: 6.1 15d8.15bc: SizeOfImage: 0x19f000 (1699840) 15d8.15bc: Resource Dir: 0x142000 LB 0x5a028 15d8.15bc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 15d8.15bc: [Raw version resource data: 0x1420f0 LB 0x380, codepage 0x0 (reserved 0x0)] 15d8.15bc: ProductName: Microsoft® Windows® Operating System 15d8.15bc: ProductVersion: 6.1.7601.24260 15d8.15bc: FileVersion: 6.1.7601.24260 (win7sp1_ldr.180908-0600) 15d8.15bc: FileDescription: NT Layer DLL 15d8.15bc: \SystemRoot\System32\kernel32.dll: 15d8.15bc: CreationTime: 2018-10-10T05:48:04.943894800Z 15d8.15bc: LastWriteTime: 2018-09-09T00:58:53.133000000Z 15d8.15bc: ChangeTime: 2018-10-10T05:57:03.661785000Z 15d8.15bc: FileAttributes: 0x20 15d8.15bc: Size: 0x11c000 15d8.15bc: NT Headers: 0xe0 15d8.15bc: Timestamp: 0x5b9470f3 15d8.15bc: Machine: 0x8664 - amd64 15d8.15bc: Timestamp: 0x5b9470f3 15d8.15bc: Image Version: 6.1 15d8.15bc: SizeOfImage: 0x11f000 (1175552) 15d8.15bc: Resource Dir: 0x116000 LB 0x528 15d8.15bc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 15d8.15bc: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 15d8.15bc: ProductName: Microsoft® Windows® Operating System 15d8.15bc: ProductVersion: 6.1.7601.24260 15d8.15bc: FileVersion: 6.1.7601.24260 (win7sp1_ldr.180908-0600) 15d8.15bc: FileDescription: Windows NT BASE API Client DLL 15d8.15bc: \SystemRoot\System32\KernelBase.dll: 15d8.15bc: CreationTime: 2018-10-10T05:48:07.049704600Z 15d8.15bc: LastWriteTime: 2018-09-09T00:58:53.163000000Z 15d8.15bc: ChangeTime: 2018-10-10T05:57:03.646184900Z 15d8.15bc: FileAttributes: 0x20 15d8.15bc: Size: 0x66800 15d8.15bc: NT Headers: 0xe8 15d8.15bc: Timestamp: 0x5b9470f4 15d8.15bc: Machine: 0x8664 - amd64 15d8.15bc: Timestamp: 0x5b9470f4 15d8.15bc: Image Version: 6.1 15d8.15bc: SizeOfImage: 0x6a000 (434176) 15d8.15bc: Resource Dir: 0x68000 LB 0x530 15d8.15bc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 15d8.15bc: [Raw version resource data: 0x680b0 LB 0x3ac, codepage 0x0 (reserved 0x0)] 15d8.15bc: ProductName: Microsoft® Windows® Operating System 15d8.15bc: ProductVersion: 6.1.7601.24260 15d8.15bc: FileVersion: 6.1.7601.24260 (win7sp1_ldr.180908-0600) 15d8.15bc: FileDescription: Windows NT BASE API Client DLL 15d8.15bc: \SystemRoot\System32\apisetschema.dll: 15d8.15bc: CreationTime: 2018-10-10T05:48:03.544690000Z 15d8.15bc: LastWriteTime: 2018-09-09T00:57:42.822000000Z 15d8.15bc: ChangeTime: 2018-10-10T05:57:03.100184000Z 15d8.15bc: FileAttributes: 0x20 15d8.15bc: Size: 0x1a00 15d8.15bc: NT Headers: 0xc0 15d8.15bc: Timestamp: 0x5b94704b 15d8.15bc: Machine: 0x8664 - amd64 15d8.15bc: Timestamp: 0x5b94704b 15d8.15bc: Image Version: 6.1 15d8.15bc: SizeOfImage: 0x50000 (327680) 15d8.15bc: Resource Dir: 0x30000 LB 0x3f8 15d8.15bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 15d8.15bc: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)] 15d8.15bc: ProductName: Microsoft® Windows® Operating System 15d8.15bc: ProductVersion: 6.1.7601.24260 15d8.15bc: FileVersion: 6.1.7601.24260 (win7sp1_ldr.180908-0600) 15d8.15bc: FileDescription: ApiSet Schema DLL 15d8.15bc: NtOpenDirectoryObject failed on \Driver: 0xc0000022 15d8.15bc: supR3HardenedWinFindAdversaries: 0x0 15d8.15bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 15d8.15bc: Calling main() 15d8.15bc: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 15d8.15bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 15d8.15bc: SUPR3HardenedMain: Respawn #1 15d8.15bc: System32: \Device\HarddiskVolume2\Windows\System32 15d8.15bc: WinSxS: \Device\HarddiskVolume2\Windows\winsxs 15d8.15bc: KnownDllPath: C:\Windows\system32 15d8.15bc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports 15d8.15bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) 15d8.15bc: supR3HardNtEnableThreadCreation: 15d8.15bc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076fa3710 pvNtTerminateThread=0000000076fc9db0 15d8.15bc: supR3HardenedWinDoReSpawn(1): New child 12bc.1564 [kernel32]. 15d8.15bc: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380 15d8.15bc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076f60000 uNtDllChildAddr=0000000076f60000 15d8.15bc: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076fa3710 15d8.15bc: supR3HardenedWinSetupChildInit: Start child. 15d8.15bc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 15d8.15bc: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps 15d8.15bc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 15d8.15bc: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000 15d8.15bc: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000 15d8.15bc: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000 15d8.15bc: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000 15d8.15bc: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000 15d8.15bc: 0000000000041000-000000000010ffff 0x0001/0x0000 0x0000000 15d8.15bc: *0000000000110000-000000000020bfff 0x0000/0x0004 0x0020000 15d8.15bc: 000000000020c000-000000000020dfff 0x0104/0x0004 0x0020000 15d8.15bc: 000000000020e000-000000000020ffff 0x0004/0x0004 0x0020000 15d8.15bc: 0000000000210000-0000000076f5ffff 0x0001/0x0000 0x0000000 15d8.15bc: *0000000076f60000-0000000076f60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 15d8.15bc: 0000000076f61000-0000000077084fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 15d8.15bc: 0000000077085000-000000007708afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 15d8.15bc: 000000007708b000-000000007708bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 15d8.15bc: 000000007708c000-0000000077093fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 15d8.15bc: 0000000077094000-00000000770fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll 15d8.15bc: 00000000770ff000-000000007efdffff 0x0001/0x0000 0x0000000 15d8.15bc: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000 15d8.15bc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 15d8.15bc: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 15d8.15bc: 000000007fff0000-000000013f90ffff 0x0001/0x0000 0x0000000 15d8.15bc: *000000013f910000-000000013f910fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f911000-000000013f981fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f982000-000000013f982fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f983000-000000013f9c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9c9000-000000013f9c9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9ca000-000000013f9cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9cb000-000000013f9cffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9d0000-000000013f9d0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9d1000-000000013f9d1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9d2000-000000013f9d5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013f9d6000-000000013fa1dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 15d8.15bc: 000000013fa1e000-000007feff25ffff 0x0001/0x0000 0x0000000 15d8.15bc: *000007feff260000-000007feff260fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll 15d8.15bc: 000007feff261000-000007fffffaffff 0x0001/0x0000 0x0000000 15d8.15bc: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000 15d8.15bc: 000007fffffd3000-000007fffffdcfff 0x0001/0x0000 0x0000000 15d8.15bc: *000007fffffdd000-000007fffffdefff 0x0004/0x0004 0x0020000 15d8.15bc: *000007fffffdf000-000007fffffdffff 0x0004/0x0004 0x0020000 15d8.15bc: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000 15d8.15bc: apisetschema.dll: timestamp 0x5b94704b (rc=VINF_SUCCESS) 15d8.15bc: VBoxHeadless.exe: timestamp 0x5bc4a009 (rc=VINF_SUCCESS) 15d8.15bc: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports 15d8.15bc: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports 15d8.15bc: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports 15d8.15bc: supR3HardNtChildPurify: Done after 310 ms and 0 fixes (loop #0). 12bc.1564: Log file opened: 5.2.20r125813 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100 12bc.1564: supR3HardenedVmProcessInit: uNtDllAddr=0000000076f60000 g_uNtVerCombined=0x611db100 15d8.15bc: supR3HardNtEnableThreadCreation: 12bc.1564: ntdll.dll: timestamp 0x5b9470be (rc=VINF_SUCCESS) 12bc.1564: New simple heap: #1 0000000000310000 LB 0x400000 (for 1699840 allocation) 12bc.1564: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox' 12bc.1564: System32: \Device\HarddiskVolume2\Windows\System32 12bc.1564: WinSxS: \Device\HarddiskVolume2\Windows\winsxs 12bc.1564: KnownDllPath: C:\Windows\system32 12bc.1564: supR3HardenedVmProcessInit: Opening vboxdrv stub... 12bc.1564: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND 12bc.1564: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034 12bc.1564: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 12bc.1564: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. 15d8.15bc: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. 15d8.15bc: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 15d8.15bc: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.