1704.328: Log file opened: 4.3.28r100309 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
1704.328: \SystemRoot\System32\ntdll.dll:
1704.328: CreationTime: 2015-05-14T15:59:56.504967300Z
1704.328: LastWriteTime: 2015-04-27T19:26:21.002829700Z
1704.328: ChangeTime: 2015-05-16T01:04:13.314453100Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x1a61c0
1704.328: NT Headers: 0xe0
1704.328: Timestamp: 0x553e8bfa
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x553e8bfa
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0x1a9000 (1740800)
1704.328: Resource Dir: 0x14d000 LB 0x5a028
1704.328: ProductName: Microsoft® Windows® Operating System
1704.328: ProductVersion: 6.1.7601.18839
1704.328: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
1704.328: FileDescription: NT Layer DLL
1704.328: \SystemRoot\System32\kernel32.dll:
1704.328: CreationTime: 2015-05-14T15:59:53.028271300Z
1704.328: LastWriteTime: 2015-04-27T19:23:19.575000000Z
1704.328: ChangeTime: 2015-05-16T01:04:13.804687500Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x11be00
1704.328: NT Headers: 0xe8
1704.328: Timestamp: 0x553e8c16
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x553e8c16
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0x11f000 (1175552)
1704.328: Resource Dir: 0x116000 LB 0x528
1704.328: ProductName: Microsoft® Windows® Operating System
1704.328: ProductVersion: 6.1.7601.18839
1704.328: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
1704.328: FileDescription: Windows NT BASE API Client DLL
1704.328: \SystemRoot\System32\KernelBase.dll:
1704.328: CreationTime: 2015-05-14T15:59:52.561456500Z
1704.328: LastWriteTime: 2015-04-27T19:23:19.575000000Z
1704.328: ChangeTime: 2015-05-16T01:04:13.823242100Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x67a00
1704.328: NT Headers: 0xe8
1704.328: Timestamp: 0x553e8c17
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x553e8c17
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0x6c000 (442368)
1704.328: Resource Dir: 0x6a000 LB 0x530
1704.328: ProductName: Microsoft® Windows® Operating System
1704.328: ProductVersion: 6.1.7601.18839
1704.328: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
1704.328: FileDescription: Windows NT BASE API Client DLL
1704.328: \SystemRoot\System32\apisetschema.dll:
1704.328: CreationTime: 2015-05-14T15:59:51.002802900Z
1704.328: LastWriteTime: 2015-04-27T19:16:38.257000000Z
1704.328: ChangeTime: 2015-05-16T01:04:13.091796800Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x1a00
1704.328: NT Headers: 0xc0
1704.328: Timestamp: 0x553e8b58
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x553e8b58
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0x50000 (327680)
1704.328: Resource Dir: 0x30000 LB 0x3f8
1704.328: ProductName: Microsoft® Windows® Operating System
1704.328: ProductVersion: 6.1.7601.18839
1704.328: FileVersion: 6.1.7601.18839 (win7sp1_gdr.150427-0707)
1704.328: FileDescription: ApiSet Schema DLL
1704.328: NtOpenDirectoryObject failed on \Driver: 0xc0000022
1704.328: supR3HardenedWinFindAdversaries: 0x80
1704.328: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
1704.328: CreationTime: 2014-04-25T23:32:02.159828000Z
1704.328: LastWriteTime: 2014-06-29T17:15:18.314453100Z
1704.328: ChangeTime: 2014-06-29T17:15:18.314453100Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x1d2d8
1704.328: NT Headers: 0xd8
1704.328: Timestamp: 0x53069476
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x53069476
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0x20000 (131072)
1704.328: Resource Dir: 0x1f000 LB 0x3e8
1704.328: ProductName: Malwarebytes Anti-Malware
1704.328: ProductVersion: 0.1.4.0
1704.328: FileVersion: 0.1.4.0
1704.328: FileDescription: Malwarebytes Anti-Malware
1704.328: \SystemRoot\System32\drivers\mwac.sys:
1704.328: CreationTime: 2014-04-25T23:31:50.090288000Z
1704.328: LastWriteTime: 2014-04-03T07:51:16.000000000Z
1704.328: ChangeTime: 2014-04-25T23:31:50.101029500Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0xf6d8
1704.328: NT Headers: 0xf8
1704.328: Timestamp: 0x5315f51b
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x5315f51b
1704.328: Image Version: 6.2
1704.328: SizeOfImage: 0x12000 (73728)
1704.328: Resource Dir: 0x10000 LB 0x3e8
1704.328: ProductName: Malwarebytes Web Access Control
1704.328: ProductVersion: 0.2.23.0
1704.328: FileVersion: 0.2.23.0
1704.328: FileDescription: Malwarebytes Web Access Control
1704.328: \SystemRoot\System32\drivers\mbamchameleon.sys:
1704.328: CreationTime: 2014-04-25T23:31:50.102982500Z
1704.328: LastWriteTime: 2014-04-03T07:51:04.000000000Z
1704.328: ChangeTime: 2014-04-25T23:31:50.114700500Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x158d8
1704.328: NT Headers: 0xe0
1704.328: Timestamp: 0x5310cc34
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x5310cc34
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0x1a000 (106496)
1704.328: Resource Dir: 0x18000 LB 0xb60
1704.328: ProductName: Malwarebytes Chameleon
1704.328: ProductVersion: 0.0.45.0
1704.328: FileVersion: 0.0.45.0
1704.328: FileDescription: Malwarebytes Chameleon Protection Driver
1704.328: \SystemRoot\System32\drivers\mbam.sys:
1704.328: CreationTime: 2014-04-25T23:31:50.082476000Z
1704.328: LastWriteTime: 2014-04-03T07:50:58.000000000Z
1704.328: ChangeTime: 2014-04-25T23:31:50.089311500Z
1704.328: FileAttributes: 0x20
1704.328: Size: 0x64d8
1704.328: NT Headers: 0xd8
1704.328: Timestamp: 0x52712fc1
1704.328: Machine: 0x8664 - amd64
1704.328: Timestamp: 0x52712fc1
1704.328: Image Version: 6.1
1704.328: SizeOfImage: 0xa000 (40960)
1704.328: Resource Dir: 0x8000 LB 0x3d0
1704.328: ProductName: Malwarebytes Anti-Malware
1704.328: ProductVersion: 0.1.13.0
1704.328: FileVersion: 0.1.13.0
1704.328: FileDescription: Malwarebytes Anti-Malware
1704.328: Calling main()
1704.328: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1704.328: SUPR3HardenedMain: Respawn #1
1704.328: System32: \Device\HarddiskVolume3\Windows\System32
1704.328: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
1704.328: KnownDllPath: C:\Windows\system32
1704.328: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1704.328: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1704.328: supR3HardNtEnableThreadCreation:
1704.328: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076d6b780 pvNtTerminateThread=0000000076d8e0e0
1704.328: supR3HardenedWinDoReSpawn(1): New child 1328.7b4 [kernel32].
1704.328: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
1704.328: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076d40000 uNtDllChildAddr=0000000076d40000
1704.328: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000076d6b780
1704.328: supR3HardenedWinSetupChildInit: Start child.
1704.328: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1704.328: supR3HardNtChildPurify: Startup delay kludge #1/0: 516 ms, 33 sleeps
1704.328: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1704.328: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1704.328: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1704.328: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1704.328: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1704.328: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1704.328: 0000000000041000-fffffffffff41fff 0x0001/0x0000 0x0000000
1704.328: *0000000000140000-0000000000043fff 0x0000/0x0004 0x0020000
1704.328: 000000000023c000-0000000000238fff 0x0104/0x0004 0x0020000
1704.328: 000000000023f000-000000000023dfff 0x0004/0x0004 0x0020000
1704.328: 0000000000240000-ffffffff8973ffff 0x0001/0x0000 0x0000000
1704.328: *0000000076d40000-0000000076d40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076d41000-0000000076e3efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076e3f000-0000000076e6dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076e6e000-0000000076e75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076e76000-0000000076e76fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076e77000-0000000076e79fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076e7a000-0000000076ee8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1704.328: 0000000076ee9000-000000006edf1fff 0x0001/0x0000 0x0000000
1704.328: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1704.328: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1704.328: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1704.328: 000000007fff0000-ffffffffc08fffff 0x0001/0x0000 0x0000000
1704.328: *000000013f6e0000-000000013f6e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f6e1000-000000013f765fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f766000-000000013f766fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f767000-000000013f7a4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7a5000-000000013f7a5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7a6000-000000013f7a6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7a7000-000000013f7a8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7a9000-000000013f7a9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7aa000-000000013f7aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7ab000-000000013f7aefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7af000-000000013f7e7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
1704.328: 000000013f7e8000-fffff8037ff6ffff 0x0001/0x0000 0x0000000
1704.328: *000007feff060000-000007feff060fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
1704.328: 000007feff061000-000007fdfe111fff 0x0001/0x0000 0x0000000
1704.328: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1704.328: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
1704.328: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
1704.328: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
1704.328: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1704.328: apisetschema.dll: timestamp 0x553e8b58 (rc=VINF_SUCCESS)
1704.328: VirtualBox.exe: timestamp 0x555369a5 (rc=VINF_SUCCESS)
1704.328: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1704.328: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
1704.328: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
1704.328: supR3HardNtChildPurify: Done after 531 ms and 0 fixes (loop #0).
1328.7b4: Log file opened: 4.3.28r100309 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
1328.7b4: supR3HardenedVmProcessInit: uNtDllAddr=0000000076d40000
1328.7b4: ntdll.dll: timestamp 0x553e8bfa (rc=VINF_SUCCESS)
1328.7b4: New simple heap: #1 0000000000340000 LB 0x400000 (for 1740800 allocation)
1704.328: supR3HardNtEnableThreadCreation:
1328.7b4: System32: \Device\HarddiskVolume3\Windows\System32
1328.7b4: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
1328.7b4: KnownDllPath: C:\Windows\system32
1328.7b4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1328.7b4: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND
1328.7b4: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
1328.7b4: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
1328.7b4: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
1704.328: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
1704.328: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
1704.328: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)
Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.