f80.3fb0: Log file opened: 6.0.0r127566 g_hStartupLog=000000000000007c g_uNtVerCombined=0xa042ee00 f80.3fb0: \SystemRoot\System32\ntdll.dll: f80.3fb0: CreationTime: 2018-12-12T10:33:30.755997400Z f80.3fb0: LastWriteTime: 2018-12-08T08:04:53.786979100Z f80.3fb0: ChangeTime: 2018-12-24T18:40:55.054555600Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x1da720 f80.3fb0: NT Headers: 0xe8 f80.3fb0: Timestamp: 0x7e614c22 f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x7e614c22 f80.3fb0: Image Version: 10.0 f80.3fb0: SizeOfImage: 0x1e1000 (1970176) f80.3fb0: Resource Dir: 0x174000 LB 0x6b3e8 f80.3fb0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: Microsoft® Windows® Operating System f80.3fb0: ProductVersion: 10.0.17134.471 f80.3fb0: FileVersion: 10.0.17134.471 (WinBuild.160101.0800) f80.3fb0: FileDescription: NT Layer DLL f80.3fb0: \SystemRoot\System32\kernel32.dll: f80.3fb0: CreationTime: 2018-04-11T23:34:40.510607900Z f80.3fb0: LastWriteTime: 2018-04-11T23:34:40.510607900Z f80.3fb0: ChangeTime: 2018-12-05T13:34:42.805598700Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0xafef8 f80.3fb0: NT Headers: 0xe8 f80.3fb0: Timestamp: 0x5f488a51 f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5f488a51 f80.3fb0: Image Version: 10.0 f80.3fb0: SizeOfImage: 0xb2000 (729088) f80.3fb0: Resource Dir: 0xb0000 LB 0x520 f80.3fb0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: Microsoft® Windows® Operating System f80.3fb0: ProductVersion: 10.0.17134.1 f80.3fb0: FileVersion: 10.0.17134.1 (WinBuild.160101.0800) f80.3fb0: FileDescription: Windows NT BASE API Client DLL f80.3fb0: \SystemRoot\System32\KernelBase.dll: f80.3fb0: CreationTime: 2018-12-05T13:30:28.630567500Z f80.3fb0: LastWriteTime: 2018-12-05T13:30:28.630567500Z f80.3fb0: ChangeTime: 2018-12-24T18:40:55.045576900Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x273b78 f80.3fb0: NT Headers: 0xf0 f80.3fb0: Timestamp: 0x428de48c f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x428de48c f80.3fb0: Image Version: 10.0 f80.3fb0: SizeOfImage: 0x273000 (2568192) f80.3fb0: Resource Dir: 0x251000 LB 0x548 f80.3fb0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x2510b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: Microsoft® Windows® Operating System f80.3fb0: ProductVersion: 10.0.17134.441 f80.3fb0: FileVersion: 10.0.17134.441 (WinBuild.160101.0800) f80.3fb0: FileDescription: Windows NT BASE API Client DLL f80.3fb0: \SystemRoot\System32\apisetschema.dll: f80.3fb0: CreationTime: 2018-04-11T23:34:44.042150700Z f80.3fb0: LastWriteTime: 2018-04-11T23:34:44.042150700Z f80.3fb0: ChangeTime: 2018-12-05T13:19:42.727123400Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x1bd98 f80.3fb0: NT Headers: 0xd0 f80.3fb0: Timestamp: 0xd02ff418 f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0xd02ff418 f80.3fb0: Image Version: 10.0 f80.3fb0: SizeOfImage: 0x1c000 (114688) f80.3fb0: Resource Dir: 0x1b000 LB 0x408 f80.3fb0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: Microsoft® Windows® Operating System f80.3fb0: ProductVersion: 10.0.17134.1 f80.3fb0: FileVersion: 10.0.17134.1 (WinBuild.160101.0800) f80.3fb0: FileDescription: ApiSet Schema DLL f80.3fb0: NtOpenDirectoryObject failed on \Driver: 0xc0000022 f80.3fb0: supR3HardenedWinFindAdversaries: 0x20 f80.3fb0: \SystemRoot\System32\drivers\cfwids.sys: f80.3fb0: CreationTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: LastWriteTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: ChangeTime: 2018-12-12T10:32:08.642667900Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x12d40 f80.3fb0: NT Headers: 0xf0 f80.3fb0: Timestamp: 0x5b7cebbe f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5b7cebbe f80.3fb0: Image Version: 0.0 f80.3fb0: SizeOfImage: 0x14000 (81920) f80.3fb0: Resource Dir: 0x12000 LB 0x550 f80.3fb0: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x120a0 LB 0x318, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: SYSCORE f80.3fb0: ProductVersion: 18.9.0.174 f80.3fb0: FileVersion: SYSCORE.18.9.0.174 f80.3fb0: PrivateBuild: SYSCORE.18.9.0.174 f80.3fb0: FileDescription: McAfee Personal Firewall IDS Plugin f80.3fb0: \SystemRoot\System32\drivers\mfeavfk.sys: f80.3fb0: CreationTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: LastWriteTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: ChangeTime: 2018-12-12T10:32:07.861601500Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x5ab40 f80.3fb0: NT Headers: 0xe8 f80.3fb0: Timestamp: 0x5b7ceb01 f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5b7ceb01 f80.3fb0: Image Version: 0.0 f80.3fb0: SizeOfImage: 0x5b000 (372736) f80.3fb0: Resource Dir: 0x59000 LB 0x758 f80.3fb0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x59110 LB 0x334, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: SYSCORE f80.3fb0: ProductVersion: 18.9.0.174 f80.3fb0: FileVersion: SYSCORE.18.9.0.174 f80.3fb0: PrivateBuild: SYSCORE.18.9.0.174 F15,F16,F19 f80.3fb0: FileDescription: Anti-Virus File System Filter Driver f80.3fb0: \SystemRoot\System32\drivers\mfefirek.sys: f80.3fb0: CreationTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: LastWriteTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: ChangeTime: 2018-12-12T10:32:07.596036700Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x7dd40 f80.3fb0: NT Headers: 0xf0 f80.3fb0: Timestamp: 0x5b7ceb8a f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5b7ceb8a f80.3fb0: Image Version: 0.0 f80.3fb0: SizeOfImage: 0x7f000 (520192) f80.3fb0: Resource Dir: 0x7b000 LB 0x388 f80.3fb0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x7b060 LB 0x328, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: SYSCORE f80.3fb0: ProductVersion: 18.9.0.174 f80.3fb0: FileVersion: SYSCORE.18.9.0.174 f80.3fb0: PrivateBuild: SYSCORE.18.9.0.174 F17,F18 f80.3fb0: FileDescription: McAfee Core Firewall Engine Driver f80.3fb0: \SystemRoot\System32\drivers\mfehidk.sys: f80.3fb0: CreationTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: LastWriteTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: ChangeTime: 2018-12-12T10:32:05.409047600Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0xee140 f80.3fb0: NT Headers: 0x108 f80.3fb0: Timestamp: 0x5b7cea9c f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5b7cea9c f80.3fb0: Image Version: 0.0 f80.3fb0: SizeOfImage: 0xf7000 (1011712) f80.3fb0: Resource Dir: 0xf3000 LB 0x758 f80.3fb0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0xf3110 LB 0x320, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: SYSCORE f80.3fb0: ProductVersion: 18.9.0.174 f80.3fb0: FileVersion: SYSCORE.18.9.0.174 f80.3fb0: PrivateBuild: SYSCORE.18.9.0.174 F14,F15,F16,F18,F20 f80.3fb0: FileDescription: McAfee Link Driver f80.3fb0: \SystemRoot\System32\drivers\mfencbdc.sys: f80.3fb0: CreationTime: 2018-10-02T22:39:34.000000000Z f80.3fb0: LastWriteTime: 2018-10-02T22:39:34.000000000Z f80.3fb0: ChangeTime: 2018-12-13T12:43:43.901360100Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x88f30 f80.3fb0: NT Headers: 0xe0 f80.3fb0: Timestamp: 0x5b843d50 f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5b843d50 f80.3fb0: Image Version: 0.0 f80.3fb0: SizeOfImage: 0x8c000 (573440) f80.3fb0: Resource Dir: 0x8a000 LB 0x3e0 f80.3fb0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x8a060 LB 0x380, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: Anti-Malware Core f80.3fb0: ProductVersion: 18.9.0 f80.3fb0: FileVersion: Anti-Malware Core.18.9.0.284.x64 f80.3fb0: PrivateBuild: Anti-Malware Core.18.9.0.284.x64 f80.3fb0: FileDescription: Event Driver f80.3fb0: \SystemRoot\System32\drivers\mfewfpk.sys: f80.3fb0: CreationTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: LastWriteTime: 2018-10-04T13:57:26.000000000Z f80.3fb0: ChangeTime: 2018-12-12T10:32:03.186322300Z f80.3fb0: FileAttributes: 0x20 f80.3fb0: Size: 0x3df40 f80.3fb0: NT Headers: 0xf0 f80.3fb0: Timestamp: 0x5b7ceab5 f80.3fb0: Machine: 0x8664 - amd64 f80.3fb0: Timestamp: 0x5b7ceab5 f80.3fb0: Image Version: 0.0 f80.3fb0: SizeOfImage: 0x59000 (364544) f80.3fb0: Resource Dir: 0x57000 LB 0x380 f80.3fb0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] f80.3fb0: [Raw version resource data: 0x57060 LB 0x320, codepage 0x0 (reserved 0x0)] f80.3fb0: ProductName: SYSCORE f80.3fb0: ProductVersion: 18.9.0.174 f80.3fb0: FileVersion: SYSCORE.18.9.0.174 f80.3fb0: PrivateBuild: SYSCORE.18.9.0.174 F17,F18 f80.3fb0: FileDescription: Anti-Virus Mini-Firewall Driver f80.3fb0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' f80.3fb0: Calling main() f80.3fb0: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 f80.3fb0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' f80.3fb0: SUPR3HardenedMain: Respawn #1 f80.3fb0: System32: \Device\HarddiskVolume3\Windows\System32 f80.3fb0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS f80.3fb0: KnownDllPath: C:\WINDOWS\System32 f80.3fb0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports f80.3fb0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) f80.3fb0: supR3HardNtEnableThreadCreation: f80.3fb0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd84674f90 pvNtTerminateThread=00007ffd8469b3f0 f80.3fb0: supR3HardenedWinDoReSpawn(1): New child 2440.20bc [kernel32]. f80.3fb0: supR3HardNtChildGatherData: PebBaseAddress=0000000000a7a000 cbPeb=0x388 f80.3fb0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd84600000 uNtDllChildAddr=00007ffd84600000 f80.3fb0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd84674f90 f80.3fb0: supR3HardenedWinSetupChildInit: Start child. f80.3fb0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 3 ms. f80.3fb0: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 46 sleeps f80.3fb0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION f80.3fb0: *0000000000000000-00000000009bffff 0x0001/0x0000 0x0000000 f80.3fb0: *00000000009c0000-00000000009dffff 0x0004/0x0004 0x0020000 f80.3fb0: *00000000009e0000-00000000009f8fff 0x0002/0x0002 0x0040000 f80.3fb0: 00000000009f9000-00000000009fffff 0x0001/0x0000 0x0000000 f80.3fb0: *0000000000a00000-0000000000a79fff 0x0000/0x0004 0x0020000 f80.3fb0: 0000000000a7a000-0000000000a7cfff 0x0004/0x0004 0x0020000 f80.3fb0: 0000000000a7d000-0000000000bfffff 0x0000/0x0004 0x0020000 f80.3fb0: *0000000000c00000-0000000000cfafff 0x0000/0x0004 0x0020000 f80.3fb0: 0000000000cfb000-0000000000cfdfff 0x0104/0x0004 0x0020000 f80.3fb0: 0000000000cfe000-0000000000cfffff 0x0004/0x0004 0x0020000 f80.3fb0: *0000000000d00000-0000000000d03fff 0x0002/0x0002 0x0040000 f80.3fb0: 0000000000d04000-0000000000d0ffff 0x0001/0x0000 0x0000000 f80.3fb0: *0000000000d10000-0000000000d10fff 0x0004/0x0004 0x0020000 f80.3fb0: 0000000000d11000-000000007ffdffff 0x0001/0x0000 0x0000000 f80.3fb0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 f80.3fb0: 000000007ffe1000-00007ff59b2cffff 0x0001/0x0000 0x0000000 f80.3fb0: *00007ff59b2d0000-00007ff59b2f2fff 0x0002/0x0002 0x0040000 f80.3fb0: 00007ff59b2f3000-00007ff7da23ffff 0x0001/0x0000 0x0000000 f80.3fb0: *00007ff7da240000-00007ff7da240fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da241000-00007ff7da2b3fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da2b4000-00007ff7da2b4fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da2b5000-00007ff7da2fbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da2fc000-00007ff7da2fcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da2fd000-00007ff7da2fdfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da2fe000-00007ff7da302fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da303000-00007ff7da303fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da304000-00007ff7da304fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da305000-00007ff7da308fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da309000-00007ff7da351fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe f80.3fb0: 00007ff7da352000-00007ffd845fffff 0x0001/0x0000 0x0000000 f80.3fb0: *00007ffd84600000-00007ffd84600fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd84601000-00007ffd8470ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd84710000-00007ffd84755fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd84756000-00007ffd84760fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd84761000-00007ffd8476efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd8476f000-00007ffd8476ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd84770000-00007ffd84772fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd84773000-00007ffd847e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll f80.3fb0: 00007ffd847e1000-00007ffffffeffff 0x0001/0x0000 0x0000000 f80.3fb0: VBoxHeadless.exe: timestamp 0x5c18e1cd (rc=VINF_SUCCESS) f80.3fb0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports f80.3fb0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports f80.3fb0: supR3HardNtChildPurify: Done after 649 ms and 0 fixes (loop #0). 2440.20bc: Log file opened: 6.0.0r127566 g_hStartupLog=0000000000000008 g_uNtVerCombined=0xa042ee00 2440.20bc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd84600000 g_uNtVerCombined=0xa042ee00 2440.20bc: ntdll.dll: timestamp 0x7e614c22 (rc=VINF_SUCCESS) 2440.20bc: New simple heap: #1 0000000000e20000 LB 0x400000 (for 1970176 allocation) f80.3fb0: supR3HardNtEnableThreadCreation: 2440.20bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 2440.20bc: System32: \Device\HarddiskVolume3\Windows\System32 2440.20bc: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS 2440.20bc: KnownDllPath: C:\WINDOWS\System32 2440.20bc: supR3HardenedVmProcessInit: Opening vboxdrv stub... 2440.20bc: Error opening VBoxDrvStub: STATUS_NO_SUCH_DEVICE 2440.20bc: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc000000e 2440.20bc: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 2440.20bc: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000e STATUS_NO_SUCH_DEVICE (150 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. f80.3fb0: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000e STATUS_NO_SUCH_DEVICE (150 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. f80.3fb0: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) f80.3fb0: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000e STATUS_NO_SUCH_DEVICE (150 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.