28a8.2fa0: Log file opened: 6.0.8r130520 g_hStartupLog=0000000000000068 g_uNtVerCombined=0xa042ee00
28a8.2fa0: \SystemRoot\System32\ntdll.dll:
28a8.2fa0: CreationTime: 2019-02-13T19:44:15.534862400Z
28a8.2fa0: LastWriteTime: 2019-01-09T05:39:12.294139300Z
28a8.2fa0: ChangeTime: 2019-05-14T20:47:41.653144300Z
28a8.2fa0: FileAttributes: 0x20
28a8.2fa0: Size: 0x1da658
28a8.2fa0: NT Headers: 0xe8
28a8.2fa0: Timestamp: 0x74bed8b0
28a8.2fa0: Machine: 0x8664 - amd64
28a8.2fa0: Timestamp: 0x74bed8b0
28a8.2fa0: Image Version: 10.0
28a8.2fa0: SizeOfImage: 0x1e1000 (1970176)
28a8.2fa0: Resource Dir: 0x174000 LB 0x6b3e8
28a8.2fa0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.2fa0: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
28a8.2fa0: ProductName: Microsoft® Windows® Operating System
28a8.2fa0: ProductVersion: 10.0.17134.556
28a8.2fa0: FileVersion: 10.0.17134.556 (WinBuild.160101.0800)
28a8.2fa0: FileDescription: NT Layer DLL
28a8.2fa0: \SystemRoot\System32\kernel32.dll:
28a8.2fa0: CreationTime: 2019-05-14T20:39:05.939878200Z
28a8.2fa0: LastWriteTime: 2019-04-19T10:54:56.743034000Z
28a8.2fa0: ChangeTime: 2019-05-15T00:13:47.040161400Z
28a8.2fa0: FileAttributes: 0x20
28a8.2fa0: Size: 0xafd48
28a8.2fa0: NT Headers: 0xe8
28a8.2fa0: Timestamp: 0xda2d7146
28a8.2fa0: Machine: 0x8664 - amd64
28a8.2fa0: Timestamp: 0xda2d7146
28a8.2fa0: Image Version: 10.0
28a8.2fa0: SizeOfImage: 0xb1000 (724992)
28a8.2fa0: Resource Dir: 0xaf000 LB 0x520
28a8.2fa0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.2fa0: [Raw version resource data: 0xaf0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
28a8.2fa0: ProductName: Microsoft® Windows® Operating System
28a8.2fa0: ProductVersion: 10.0.17134.753
28a8.2fa0: FileVersion: 10.0.17134.753 (WinBuild.160101.0800)
28a8.2fa0: FileDescription: Windows NT BASE API Client DLL
28a8.2fa0: \SystemRoot\System32\KernelBase.dll:
28a8.2fa0: CreationTime: 2019-05-14T20:39:00.940221100Z
28a8.2fa0: LastWriteTime: 2019-04-19T05:06:18.050469100Z
28a8.2fa0: ChangeTime: 2019-05-15T00:13:47.243255000Z
28a8.2fa0: FileAttributes: 0x20
28a8.2fa0: Size: 0x273d70
28a8.2fa0: NT Headers: 0xf0
28a8.2fa0: Timestamp: 0xcdfe5b92
28a8.2fa0: Machine: 0x8664 - amd64
28a8.2fa0: Timestamp: 0xcdfe5b92
28a8.2fa0: Image Version: 10.0
28a8.2fa0: SizeOfImage: 0x273000 (2568192)
28a8.2fa0: Resource Dir: 0x251000 LB 0x548
28a8.2fa0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.2fa0: [Raw version resource data: 0x2510b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
28a8.2fa0: ProductName: Microsoft® Windows® Operating System
28a8.2fa0: ProductVersion: 10.0.17134.753
28a8.2fa0: FileVersion: 10.0.17134.753 (WinBuild.160101.0800)
28a8.2fa0: FileDescription: Windows NT BASE API Client DLL
28a8.2fa0: \SystemRoot\System32\apisetschema.dll:
28a8.2fa0: CreationTime: 2018-04-11T23:34:44.042150700Z
28a8.2fa0: LastWriteTime: 2018-04-11T23:34:44.042150700Z
28a8.2fa0: ChangeTime: 2018-05-22T17:16:21.884679300Z
28a8.2fa0: FileAttributes: 0x20
28a8.2fa0: Size: 0x1bd98
28a8.2fa0: NT Headers: 0xd0
28a8.2fa0: Timestamp: 0xd02ff418
28a8.2fa0: Machine: 0x8664 - amd64
28a8.2fa0: Timestamp: 0xd02ff418
28a8.2fa0: Image Version: 10.0
28a8.2fa0: SizeOfImage: 0x1c000 (114688)
28a8.2fa0: Resource Dir: 0x1b000 LB 0x408
28a8.2fa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.2fa0: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
28a8.2fa0: ProductName: Microsoft® Windows® Operating System
28a8.2fa0: ProductVersion: 10.0.17134.1
28a8.2fa0: FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
28a8.2fa0: FileDescription: ApiSet Schema DLL
28a8.2fa0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
28a8.2fa0: supR3HardenedWinFindAdversaries: 0x80
28a8.2fa0: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
28a8.2fa0: CreationTime: 2019-05-16T18:29:34.777781100Z
28a8.2fa0: LastWriteTime: 2019-05-16T18:29:34.777781100Z
28a8.2fa0: ChangeTime: 2019-05-16T18:29:35.621506900Z
28a8.2fa0: FileAttributes: 0x20
28a8.2fa0: Size: 0x43320
28a8.2fa0: NT Headers: 0xf8
28a8.2fa0: Timestamp: 0x5c9e68f9
28a8.2fa0: Machine: 0x8664 - amd64
28a8.2fa0: Timestamp: 0x5c9e68f9
28a8.2fa0: Image Version: 10.0
28a8.2fa0: SizeOfImage: 0x45000 (282624)
28a8.2fa0: Resource Dir: 0x43000 LB 0x3b8
28a8.2fa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
28a8.2fa0: [Raw version resource data: 0x43060 LB 0x358, codepage 0x0 (reserved 0x0)]
28a8.2fa0: ProductName: Malwarebytes SwissArmy
28a8.2fa0: ProductVersion: 4.3.0.170
28a8.2fa0: FileVersion: 4.3.0.170
28a8.2fa0: FileDescription: Malwarebytes SwissArmy
28a8.2fa0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
28a8.2fa0: Calling main()
28a8.2fa0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
28a8.2fa0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
28a8.2fa0: SUPR3HardenedMain: Respawn #1
28a8.2fa0: System32: \Device\HarddiskVolume4\Windows\System32
28a8.2fa0: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
28a8.2fa0: KnownDllPath: C:\WINDOWS\System32
28a8.2fa0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
28a8.2fa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
28a8.2fa0: supR3HardNtEnableThreadCreation:
28a8.2fa0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff97eea4f90 pvNtTerminateThread=00007ff97eecb3f0
28a8.2fa0: supR3HardenedWinDoReSpawn(1): New child 2264.2e44 [kernel32].
28a8.2fa0: supR3HardNtChildGatherData: PebBaseAddress=000000000020c000 cbPeb=0x388
28a8.2fa0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff97ee30000 uNtDllChildAddr=00007ff97ee30000
28a8.2fa0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff97eea4f90
28a8.2fa0: supR3HardenedWinSetupChildInit: Start child.
28a8.2fa0: Error (rc=258):
28a8.2fa0: Timed out after 2001 ms waiting for child request #0 (PurifyChildAndCloseHandles).
28a8.2fa0: Error 258 in supR3HardNtChildWaitFor! (enmWhat=5)
28a8.2fa0: Timed out after 2001 ms waiting for child request #0 (PurifyChildAndCloseHandles).
28a8.2fa0: supR3HardNtEnableThreadCreation: