9d4.9d8: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000068 g_uNtVerCombined=0xa03ad700 9d4.9d8: \SystemRoot\System32\ntdll.dll: 9d4.9d8: CreationTime: 2017-03-18T20:57:39.201977500Z 9d4.9d8: LastWriteTime: 2017-03-18T20:57:39.201977500Z 9d4.9d8: ChangeTime: 2018-04-04T04:47:42.181105700Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0x1d7450 9d4.9d8: NT Headers: 0xe0 9d4.9d8: Timestamp: 0xb79b6ddb 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0xb79b6ddb 9d4.9d8: Image Version: 10.0 9d4.9d8: SizeOfImage: 0x1db000 (1945600) 9d4.9d8: Resource Dir: 0x170000 LB 0x69398 9d4.9d8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)] 9d4.9d8: ProductName: Microsoft® Windows® Operating System 9d4.9d8: ProductVersion: 10.0.15063.0 9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800) 9d4.9d8: FileDescription: NT Layer DLL 9d4.9d8: \SystemRoot\System32\kernel32.dll: 9d4.9d8: CreationTime: 2017-03-18T20:57:15.887502700Z 9d4.9d8: LastWriteTime: 2017-03-18T20:57:15.887502700Z 9d4.9d8: ChangeTime: 2018-04-04T04:47:39.931076300Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0xad068 9d4.9d8: NT Headers: 0xf8 9d4.9d8: Timestamp: 0x17a3637d 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0x17a3637d 9d4.9d8: Image Version: 10.0 9d4.9d8: SizeOfImage: 0xae000 (712704) 9d4.9d8: Resource Dir: 0xac000 LB 0x520 9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 9d4.9d8: ProductName: Microsoft® Windows® Operating System 9d4.9d8: ProductVersion: 10.0.15063.0 9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800) 9d4.9d8: FileDescription: Windows NT BASE API Client DLL 9d4.9d8: \SystemRoot\System32\KernelBase.dll: 9d4.9d8: CreationTime: 2017-03-18T20:57:35.951701900Z 9d4.9d8: LastWriteTime: 2017-03-18T20:57:35.951701900Z 9d4.9d8: ChangeTime: 2018-04-04T04:47:39.993574700Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0x249bf0 9d4.9d8: NT Headers: 0x100 9d4.9d8: Timestamp: 0x461a0ff5 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0x461a0ff5 9d4.9d8: Image Version: 10.0 9d4.9d8: SizeOfImage: 0x249000 (2396160) 9d4.9d8: Resource Dir: 0x22a000 LB 0x548 9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 9d4.9d8: ProductName: Microsoft® Windows® Operating System 9d4.9d8: ProductVersion: 10.0.15063.0 9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800) 9d4.9d8: FileDescription: Windows NT BASE API Client DLL 9d4.9d8: \SystemRoot\System32\apisetschema.dll: 9d4.9d8: CreationTime: 2017-03-18T20:57:35.373527900Z 9d4.9d8: LastWriteTime: 2017-03-18T20:57:35.373527900Z 9d4.9d8: ChangeTime: 2018-04-04T04:47:21.446473600Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0x1ada0 9d4.9d8: NT Headers: 0xc0 9d4.9d8: Timestamp: 0x76544b2 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0x76544b2 9d4.9d8: Image Version: 10.0 9d4.9d8: SizeOfImage: 0x1b000 (110592) 9d4.9d8: Resource Dir: 0x1a000 LB 0x408 9d4.9d8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 9d4.9d8: ProductName: Microsoft® Windows® Operating System 9d4.9d8: ProductVersion: 10.0.15063.0 9d4.9d8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800) 9d4.9d8: FileDescription: ApiSet Schema DLL 9d4.9d8: NtOpenDirectoryObject failed on \Driver: 0xc0000022 9d4.9d8: supR3HardenedWinFindAdversaries: 0x3 9d4.9d8: \SystemRoot\System32\drivers\SysPlant.sys: 9d4.9d8: CreationTime: 2017-11-29T08:50:43.541005400Z 9d4.9d8: LastWriteTime: 2018-03-15T12:16:02.622294500Z 9d4.9d8: ChangeTime: 2018-04-03T15:55:01.504909500Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0x30548 9d4.9d8: NT Headers: 0xf0 9d4.9d8: Timestamp: 0x5a1adc8a 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0x5a1adc8a 9d4.9d8: Image Version: 5.0 9d4.9d8: SizeOfImage: 0x31000 (200704) 9d4.9d8: Resource Dir: 0x2f000 LB 0x49c 9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0x2f0b8 LB 0x3e4, codepage 0x4e4 (reserved 0x0)] 9d4.9d8: ProductName: Symantec CMC Firewall 9d4.9d8: ProductVersion: 14.0.3856.1100 9d4.9d8: FileVersion: 14.0.3856.1100 9d4.9d8: FileDescription: Symantec CMC Firewall SysPlant 9d4.9d8: \SystemRoot\System32\sysfer.dll: 9d4.9d8: CreationTime: 2017-11-29T08:50:43.395898800Z 9d4.9d8: LastWriteTime: 2018-03-15T12:16:02.606653000Z 9d4.9d8: ChangeTime: 2018-04-03T16:21:27.407406100Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0x7cee8 9d4.9d8: NT Headers: 0xf8 9d4.9d8: Timestamp: 0x5a1adc96 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0x5a1adc96 9d4.9d8: Image Version: 0.0 9d4.9d8: SizeOfImage: 0x95000 (610304) 9d4.9d8: Resource Dir: 0x91000 LB 0x490 9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0x910b8 LB 0x3d8, codepage 0x4e4 (reserved 0x0)] 9d4.9d8: ProductName: Symantec CMC Firewall 9d4.9d8: ProductVersion: 14.0.3856.1100 9d4.9d8: FileVersion: 14.0.3856.1100 9d4.9d8: FileDescription: Symantec CMC Firewall sysfer 9d4.9d8: \SystemRoot\System32\drivers\symevent64x86.sys: 9d4.9d8: CreationTime: 2017-11-29T08:53:05.303638500Z 9d4.9d8: LastWriteTime: 2017-11-29T08:53:04.933809100Z 9d4.9d8: ChangeTime: 2018-04-03T15:55:01.504909500Z 9d4.9d8: FileAttributes: 0x20 9d4.9d8: Size: 0x190d0 9d4.9d8: NT Headers: 0xe0 9d4.9d8: Timestamp: 0x584f629e 9d4.9d8: Machine: 0x8664 - amd64 9d4.9d8: Timestamp: 0x584f629e 9d4.9d8: Image Version: 6.2 9d4.9d8: SizeOfImage: 0x23000 (143360) 9d4.9d8: Resource Dir: 0x21000 LB 0x3c8 9d4.9d8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 9d4.9d8: [Raw version resource data: 0x210b8 LB 0x310, codepage 0x4e4 (reserved 0x0)] 9d4.9d8: ProductName: SYMEVENT 9d4.9d8: ProductVersion: 14.0.4.16 9d4.9d8: FileVersion: 14.0.4.16 9d4.9d8: FileDescription: Symantec Event Library 9d4.9d8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox' 9d4.9d8: Calling main() 9d4.9d8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 9d4.9d8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox' 9d4.9d8: SUPR3HardenedMain: Respawn #1 9d4.9d8: System32: \Device\HarddiskVolume1\Windows\System32 9d4.9d8: WinSxS: \Device\HarddiskVolume1\Windows\WinSxS 9d4.9d8: KnownDllPath: C:\WINDOWS\System32 9d4.9d8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 9d4.9d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe) 9d4.9d8: supR3HardNtEnableThreadCreation: 9d4.9d8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff9068d9ad0 pvNtTerminateThread=00007ff906905e00 9d4.9d8: supR3HardenedWinDoReSpawn(1): New child 293c.2ac4 [kernel32]. 9d4.9d8: supR3HardNtChildGatherData: PebBaseAddress=000000000086c000 cbPeb=0x388 9d4.9d8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff906860000 uNtDllChildAddr=00007ff906860000 9d4.9d8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff9068d9ad0 9d4.9d8: supR3HardenedWinSetupChildInit: Start child. 9d4.9d8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 9d4.9d8: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 33 sleeps 9d4.9d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 9d4.9d8: *0000000000000000-000000000076ffff 0x0001/0x0000 0x0000000 9d4.9d8: *0000000000770000-000000000078ffff 0x0004/0x0004 0x0020000 9d4.9d8: *0000000000790000-00000000007a7fff 0x0002/0x0002 0x0040000 9d4.9d8: 00000000007a8000-00000000007affff 0x0001/0x0000 0x0000000 9d4.9d8: *00000000007b0000-00000000007b3fff 0x0002/0x0002 0x0040000 9d4.9d8: 00000000007b4000-00000000007bffff 0x0001/0x0000 0x0000000 9d4.9d8: *00000000007c0000-00000000007c0fff 0x0004/0x0004 0x0020000 9d4.9d8: 00000000007c1000-00000000007fffff 0x0001/0x0000 0x0000000 9d4.9d8: *0000000000800000-000000000086bfff 0x0000/0x0004 0x0020000 9d4.9d8: 000000000086c000-000000000086efff 0x0004/0x0004 0x0020000 9d4.9d8: 000000000086f000-00000000009fffff 0x0000/0x0004 0x0020000 9d4.9d8: *0000000000a00000-0000000000afafff 0x0000/0x0004 0x0020000 9d4.9d8: 0000000000afb000-0000000000afdfff 0x0104/0x0004 0x0020000 9d4.9d8: 0000000000afe000-0000000000afffff 0x0004/0x0004 0x0020000 9d4.9d8: 0000000000b00000-000000007ffdffff 0x0001/0x0000 0x0000000 9d4.9d8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 9d4.9d8: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 9d4.9d8: 000000007fff0000-00007ff7bbf3ffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff7bbf40000-00007ff7bbf62fff 0x0002/0x0002 0x0040000 9d4.9d8: 00007ff7bbf63000-00007ff7bc9effff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff7bc9f0000-00007ff7bc9f0fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bc9f1000-00007ff7bca61fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bca62000-00007ff7bca62fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bca63000-00007ff7bcaa8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcaa9000-00007ff7bcaa9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcaaa000-00007ff7bcaaafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcaab000-00007ff7bcaaffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcab0000-00007ff7bcab0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcab1000-00007ff7bcab1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcab2000-00007ff7bcab5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcab6000-00007ff7bcafdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcafe000-00007ff7bcafffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff7bcb00000-00007ff7bcb00fff 0x0004/0x0004 0x0020000 9d4.9d8: 00007ff7bcb01000-00007ff90685ffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff906860000-00007ff906860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff906861000-00007ff90696ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff906970000-00007ff9069b4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069b5000-00007ff9069bcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069bd000-00007ff9069cafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069cb000-00007ff9069cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069cc000-00007ff9069cefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069cf000-00007ff906a3afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff906a3b000-00007ffffffdffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000 9d4.9d8: VirtualBox.exe: timestamp 0x5a942b95 (rc=VINF_SUCCESS) 9d4.9d8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 9d4.9d8: VirtualBox.exe: Differences in section #0 (headers) between file and memory: 9d4.9d8: 00007ff7bc9f0162 / 0x0000162: 00 != 11 9d4.9d8: 00007ff7bc9f0164 / 0x0000164: 00 != 14 9d4.9d8: Restored 0x400 bytes of original file content at 00007ff7bc9f0000 9d4.9d8: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports 9d4.9d8: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x3 9d4.9d8: supR3HardNtChildPurify: Startup delay kludge #1/1: 515 ms, 32 sleeps 9d4.9d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 9d4.9d8: *0000000000000000-000000000076ffff 0x0001/0x0000 0x0000000 9d4.9d8: *0000000000770000-000000000078ffff 0x0004/0x0004 0x0020000 9d4.9d8: *0000000000790000-00000000007a7fff 0x0002/0x0002 0x0040000 9d4.9d8: 00000000007a8000-00000000007affff 0x0001/0x0000 0x0000000 9d4.9d8: *00000000007b0000-00000000007b3fff 0x0002/0x0002 0x0040000 9d4.9d8: 00000000007b4000-00000000007bffff 0x0001/0x0000 0x0000000 9d4.9d8: *00000000007c0000-00000000007c0fff 0x0004/0x0004 0x0020000 9d4.9d8: 00000000007c1000-00000000007fffff 0x0001/0x0000 0x0000000 9d4.9d8: *0000000000800000-000000000086bfff 0x0000/0x0004 0x0020000 9d4.9d8: 000000000086c000-000000000086efff 0x0004/0x0004 0x0020000 9d4.9d8: 000000000086f000-00000000009fffff 0x0000/0x0004 0x0020000 9d4.9d8: *0000000000a00000-0000000000afafff 0x0000/0x0004 0x0020000 9d4.9d8: 0000000000afb000-0000000000afdfff 0x0104/0x0004 0x0020000 9d4.9d8: 0000000000afe000-0000000000afffff 0x0004/0x0004 0x0020000 9d4.9d8: 0000000000b00000-000000007ffdffff 0x0001/0x0000 0x0000000 9d4.9d8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 9d4.9d8: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000 9d4.9d8: 000000007fff0000-00007ff7bbf3ffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff7bbf40000-00007ff7bbf62fff 0x0002/0x0002 0x0040000 9d4.9d8: 00007ff7bbf63000-00007ff7bc9effff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff7bc9f0000-00007ff7bc9f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bc9f1000-00007ff7bca61fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bca62000-00007ff7bca62fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bca63000-00007ff7bcaa8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcaa9000-00007ff7bcab5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcab6000-00007ff7bcafdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe 9d4.9d8: 00007ff7bcafe000-00007ff7bcafffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff7bcb00000-00007ff7bcb00fff 0x0004/0x0004 0x0020000 9d4.9d8: 00007ff7bcb01000-00007ff90685ffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ff906860000-00007ff906860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff906861000-00007ff90696ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff906970000-00007ff9069b4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069b5000-00007ff9069b8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069b9000-00007ff9069bcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069bd000-00007ff9069cafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069cb000-00007ff9069cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069cc000-00007ff9069cefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff9069cf000-00007ff906a3afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll 9d4.9d8: 00007ff906a3b000-00007ffffffdffff 0x0001/0x0000 0x0000000 9d4.9d8: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000 9d4.9d8: supR3HardNtChildPurify: Done after 1093 ms and 1 fixes (loop #1). 9d4.9d8: supR3HardNtEnableThreadCreation: 293c.2ac4: Log file opened: 5.2.8r121009 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03ad700 293c.2ac4: supR3HardenedVmProcessInit: uNtDllAddr=00007ff906860000 g_uNtVerCombined=0xa03ad700 293c.2ac4: ntdll.dll: timestamp 0xb79b6ddb (rc=VINF_SUCCESS) 293c.2ac4: New simple heap: #1 0000000000c00000 LB 0x400000 (for 1945600 allocation) 293c.2ac4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox' 293c.2ac4: System32: \Device\HarddiskVolume1\Windows\System32 293c.2ac4: WinSxS: \Device\HarddiskVolume1\Windows\WinSxS 293c.2ac4: KnownDllPath: C:\WINDOWS\System32 293c.2ac4: supR3HardenedVmProcessInit: Opening vboxdrv stub... 293c.2ac4: Error opening VBoxDrvStub: STATUS_OBJECT_NAME_NOT_FOUND 293c.2ac4: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034 293c.2ac4: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 293c.2ac4: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. 9d4.9d8: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. 9d4.9d8: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 9d4.9d8: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.