22b0.1d28: Log file opened: 5.0.18r106667 g_hStartupLog=0000000000000020 g_uNtVerCombined=0x611db110 22b0.1d28: \SystemRoot\System32\ntdll.dll: 22b0.1d28: CreationTime: 2016-03-11T07:03:50.863601900Z 22b0.1d28: LastWriteTime: 2016-03-11T07:03:50.863601900Z 22b0.1d28: ChangeTime: 2016-03-11T07:04:26.306802200Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x1a67c0 22b0.1d28: NT Headers: 0xe0 22b0.1d28: Timestamp: 0x560a0083 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x560a0083 22b0.1d28: Image Version: 6.1 22b0.1d28: SizeOfImage: 0x1a9000 (1740800) 22b0.1d28: Resource Dir: 0x14d000 LB 0x5a028 22b0.1d28: ProductName: Microsoft® Windows® Operating System 22b0.1d28: ProductVersion: 6.1.7601.19018 22b0.1d28: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507) 22b0.1d28: FileDescription: NT Layer DLL 22b0.1d28: \SystemRoot\System32\kernel32.dll: 22b0.1d28: CreationTime: 2016-03-11T07:03:50.879201900Z 22b0.1d28: LastWriteTime: 2016-03-11T07:03:50.879201900Z 22b0.1d28: ChangeTime: 2016-03-11T07:04:26.384802200Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x11c600 22b0.1d28: NT Headers: 0xe8 22b0.1d28: Timestamp: 0x560a0093 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x560a0093 22b0.1d28: Image Version: 6.1 22b0.1d28: SizeOfImage: 0x120000 (1179648) 22b0.1d28: Resource Dir: 0x117000 LB 0x528 22b0.1d28: ProductName: Microsoft® Windows® Operating System 22b0.1d28: ProductVersion: 6.1.7601.19018 22b0.1d28: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507) 22b0.1d28: FileDescription: Windows NT BASE API Client DLL 22b0.1d28: \SystemRoot\System32\KernelBase.dll: 22b0.1d28: CreationTime: 2016-03-11T07:03:50.894801900Z 22b0.1d28: LastWriteTime: 2016-03-11T07:03:50.894801900Z 22b0.1d28: ChangeTime: 2016-03-11T07:04:26.384802200Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x67c00 22b0.1d28: NT Headers: 0xe8 22b0.1d28: Timestamp: 0x560a0094 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x560a0094 22b0.1d28: Image Version: 6.1 22b0.1d28: SizeOfImage: 0x6c000 (442368) 22b0.1d28: Resource Dir: 0x6a000 LB 0x530 22b0.1d28: ProductName: Microsoft® Windows® Operating System 22b0.1d28: ProductVersion: 6.1.7601.19018 22b0.1d28: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507) 22b0.1d28: FileDescription: Windows NT BASE API Client DLL 22b0.1d28: \SystemRoot\System32\apisetschema.dll: 22b0.1d28: CreationTime: 2016-03-11T07:03:50.863601900Z 22b0.1d28: LastWriteTime: 2016-03-11T07:03:50.863601900Z 22b0.1d28: ChangeTime: 2016-03-11T07:04:26.197602200Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x1a00 22b0.1d28: NT Headers: 0xc0 22b0.1d28: Timestamp: 0x5609ff3b 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x5609ff3b 22b0.1d28: Image Version: 6.1 22b0.1d28: SizeOfImage: 0x50000 (327680) 22b0.1d28: Resource Dir: 0x30000 LB 0x3f8 22b0.1d28: ProductName: Microsoft® Windows® Operating System 22b0.1d28: ProductVersion: 6.1.7601.19018 22b0.1d28: FileVersion: 6.1.7601.19018 (win7sp1_gdr.150928-1507) 22b0.1d28: FileDescription: ApiSet Schema DLL 22b0.1d28: Found driver KLIM6 (0x40) 22b0.1d28: Found driver kl1 (0x40) 22b0.1d28: Found driver kneps (0x40) 22b0.1d28: Found driver kltdi (0x40) 22b0.1d28: supR3HardenedWinFindAdversaries: 0x40 22b0.1d28: \SystemRoot\System32\drivers\kl1.sys: 22b0.1d28: CreationTime: 2013-09-05T00:38:46.000000000Z 22b0.1d28: LastWriteTime: 2013-09-05T00:38:46.000000000Z 22b0.1d28: ChangeTime: 2016-04-25T01:12:25.909366600Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x75c460 22b0.1d28: NT Headers: 0xe0 22b0.1d28: Timestamp: 0x522826d2 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x522826d2 22b0.1d28: Image Version: 0.0 22b0.1d28: SizeOfImage: 0x75e000 (7725056) 22b0.1d28: Resource Dir: 0x75c000 LB 0x448 22b0.1d28: ProductName: Kaspersky Anti-Virus 22b0.1d28: ProductVersion: 6.0.1.990 22b0.1d28: FileVersion: 6.8.0.27 22b0.1d28: FileDescription: Kaspersky Unified Driver 22b0.1d28: \SystemRoot\System32\drivers\klflt.sys: 22b0.1d28: CreationTime: 2016-04-25T01:11:57.109736000Z 22b0.1d28: LastWriteTime: 2016-04-25T01:11:57.125337100Z 22b0.1d28: ChangeTime: 2016-04-25T01:12:04.707471700Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x18060 22b0.1d28: NT Headers: 0xf0 22b0.1d28: Timestamp: 0x52399b96 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x52399b96 22b0.1d28: Image Version: 6.0 22b0.1d28: SizeOfImage: 0x24000 (147456) 22b0.1d28: Resource Dir: 0x22000 LB 0x370 22b0.1d28: ProductName: Kaspersky™ Anti-Virus ® 22b0.1d28: ProductVersion: 1.2.0.29 22b0.1d28: FileVersion: 1.2.0.29 22b0.1d28: FileDescription: Filter Core [fre_wlh_x64] 22b0.1d28: \SystemRoot\System32\drivers\klif.sys: 22b0.1d28: CreationTime: 2016-04-25T01:11:57.140938200Z 22b0.1d28: LastWriteTime: 2016-04-25T01:11:57.156539300Z 22b0.1d28: ChangeTime: 2016-04-25T01:12:04.707471700Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0xa1860 22b0.1d28: NT Headers: 0xf8 22b0.1d28: Timestamp: 0x527a5709 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x527a5709 22b0.1d28: Image Version: 6.0 22b0.1d28: SizeOfImage: 0xad000 (708608) 22b0.1d28: Resource Dir: 0xab000 LB 0x388 22b0.1d28: ProductName: Kaspersky™ Anti-Virus ® 22b0.1d28: ProductVersion: 8.12.1.115 22b0.1d28: FileVersion: 8.12.1.115 22b0.1d28: FileDescription: Klif Mini-Filter [fre_wlh_x64] 22b0.1d28: \SystemRoot\System32\drivers\klim6.sys: 22b0.1d28: CreationTime: 2013-07-11T01:54:12.000000000Z 22b0.1d28: LastWriteTime: 2013-07-11T01:54:12.000000000Z 22b0.1d28: ChangeTime: 2016-04-25T01:12:23.772015900Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x7460 22b0.1d28: NT Headers: 0xf8 22b0.1d28: Timestamp: 0x51de64a0 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x51de64a0 22b0.1d28: Image Version: 6.0 22b0.1d28: SizeOfImage: 0xa000 (40960) 22b0.1d28: Resource Dir: 0x8000 LB 0x470 22b0.1d28: ProductName: Kaspersky Anti-Virus 22b0.1d28: ProductVersion: 6.0.1.990 22b0.1d28: FileVersion: 8.0.0.71 22b0.1d28: FileDescription: Kaspersky Lab Intermediate Network Driver 22b0.1d28: \SystemRoot\System32\drivers\kltdi.sys: 22b0.1d28: CreationTime: 2012-11-22T02:48:12.000000000Z 22b0.1d28: LastWriteTime: 2012-11-22T02:48:12.000000000Z 22b0.1d28: ChangeTime: 2016-04-25T01:12:26.268191900Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0xd358 22b0.1d28: NT Headers: 0x100 22b0.1d28: Timestamp: 0x50ade6c4 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x50ade6c4 22b0.1d28: Image Version: 6.1 22b0.1d28: SizeOfImage: 0x10000 (65536) 22b0.1d28: Resource Dir: 0xe000 LB 0x398 22b0.1d28: ProductName: Kaspersky™ Anti-Virus ® 22b0.1d28: ProductVersion: 1.2.0.10 22b0.1d28: FileVersion: 1.2.0.10 built by: WinDDK 22b0.1d28: FileDescription: Network filtering component 22b0.1d28: \SystemRoot\System32\drivers\kneps.sys: 22b0.1d28: CreationTime: 2013-07-01T07:18:10.000000000Z 22b0.1d28: LastWriteTime: 2013-07-01T07:18:10.000000000Z 22b0.1d28: ChangeTime: 2016-04-25T01:12:27.141853500Z 22b0.1d28: FileAttributes: 0x20 22b0.1d28: Size: 0x2b660 22b0.1d28: NT Headers: 0x110 22b0.1d28: Timestamp: 0x51d1814d 22b0.1d28: Machine: 0x8664 - amd64 22b0.1d28: Timestamp: 0x51d1814d 22b0.1d28: Image Version: 6.1 22b0.1d28: SizeOfImage: 0x2d000 (184320) 22b0.1d28: Resource Dir: 0x2b000 LB 0x370 22b0.1d28: ProductName: Kaspersky™ Anti-Virus ® 22b0.1d28: ProductVersion: 5.2.1.1 22b0.1d28: FileVersion: 5.2.1.1 built by: WinDDK 22b0.1d28: FileDescription: KNEPS Power 22b0.1d28: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 22b0.1d28: Calling main() 22b0.1d28: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 22b0.1d28: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 22b0.1d28: SUPR3HardenedMain: Respawn #1 22b0.1d28: System32: \Device\HarddiskVolume3\Windows\System32 22b0.1d28: WinSxS: \Device\HarddiskVolume3\Windows\winsxs 22b0.1d28: KnownDllPath: C:\windows\system32 22b0.1d28: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports 22b0.1d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) 22b0.1d28: supR3HardNtEnableThreadCreation: 22b0.1d28: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077a6b630 pvNtTerminateThread=0000000077a8dee0 22b0.1d28: supR3HardenedWinDoReSpawn(1): New child 1b7c.1318 [kernel32]. 22b0.1d28: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd9000 cbPeb=0x380 22b0.1d28: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077a40000 uNtDllChildAddr=0000000077a40000 22b0.1d28: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077a6b630 22b0.1d28: supR3HardenedWinSetupChildInit: Start child. 22b0.1d28: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 22b0.1d28: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps 22b0.1d28: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 22b0.1d28: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000 22b0.1d28: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000 22b0.1d28: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000 22b0.1d28: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000 22b0.1d28: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000 22b0.1d28: 0000000000041000-fffffffffffa1fff 0x0001/0x0000 0x0000000 22b0.1d28: *00000000000e0000-fffffffffffe3fff 0x0000/0x0004 0x0020000 22b0.1d28: 00000000001dc000-00000000001d8fff 0x0104/0x0004 0x0020000 22b0.1d28: 00000000001df000-00000000001ddfff 0x0004/0x0004 0x0020000 22b0.1d28: 00000000001e0000-ffffffff8897ffff 0x0001/0x0000 0x0000000 22b0.1d28: *0000000077a40000-0000000077a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077a41000-0000000077b3efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077b3f000-0000000077b6dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077b6e000-0000000077b75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077b76000-0000000077b76fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077b77000-0000000077b79fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077b7a000-0000000077be8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 22b0.1d28: 0000000077be9000-00000000707f1fff 0x0001/0x0000 0x0000000 22b0.1d28: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000 22b0.1d28: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000 22b0.1d28: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000 22b0.1d28: 000000007fff0000-ffffffffc0f6ffff 0x0001/0x0000 0x0000000 22b0.1d28: *000000013f070000-000000013f070fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f071000-000000013f0dffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f0e0000-000000013f0e0fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f0e1000-000000013f125fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f126000-000000013f126fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f127000-000000013f127fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f128000-000000013f12cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f12d000-000000013f12dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f12e000-000000013f12efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f12f000-000000013f132fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f133000-000000013f17afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 22b0.1d28: 000000013f17b000-fffff8037e595fff 0x0001/0x0000 0x0000000 22b0.1d28: *000007feffd60000-000007feffd60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll 22b0.1d28: 000007feffd61000-000007fdffb11fff 0x0001/0x0000 0x0000000 22b0.1d28: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000 22b0.1d28: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000 22b0.1d28: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000 22b0.1d28: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000 22b0.1d28: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000 22b0.1d28: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000 22b0.1d28: apisetschema.dll: timestamp 0x5609ff3b (rc=VINF_SUCCESS) 22b0.1d28: VBoxHeadless.exe: timestamp 0x5714e21a (rc=VINF_SUCCESS) 22b0.1d28: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports 22b0.1d28: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports 22b0.1d28: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports 22b0.1d28: supR3HardNtChildPurify: Done after 539 ms and 0 fixes (loop #0). 1b7c.1318: Log file opened: 5.0.18r106667 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100 1b7c.1318: supR3HardenedVmProcessInit: uNtDllAddr=0000000077a40000 g_uNtVerCombined=0x611db100 1b7c.1318: ntdll.dll: timestamp 0x560a0083 (rc=VINF_SUCCESS) 1b7c.1318: New simple heap: #1 00000000002e0000 LB 0x400000 (for 1740800 allocation) 22b0.1d28: supR3HardNtEnableThreadCreation: 1b7c.1318: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 1b7c.1318: System32: \Device\HarddiskVolume3\Windows\System32 1b7c.1318: WinSxS: \Device\HarddiskVolume3\Windows\winsxs 1b7c.1318: KnownDllPath: C:\windows\system32 1b7c.1318: supR3HardenedVmProcessInit: Opening vboxdrv stub... 1b7c.1318: Error opening VBoxDrvStub: STATUS_NO_SUCH_DEVICE 1b7c.1318: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc000000e 1b7c.1318: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 1b7c.1318: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000e STATUS_NO_SUCH_DEVICE (164 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. 22b0.1d28: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000e STATUS_NO_SUCH_DEVICE (164 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help. 22b0.1d28: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3) 22b0.1d28: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000e STATUS_NO_SUCH_DEVICE (164 retries) Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.