eb4.237c: Log file opened: 5.0.16r105871 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110 eb4.237c: \SystemRoot\System32\ntdll.dll: eb4.237c: CreationTime: 2016-03-15T07:00:57.557312200Z eb4.237c: LastWriteTime: 2016-02-11T18:52:52.157940400Z eb4.237c: ChangeTime: 2016-03-17T04:55:11.918319000Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x1a73d8 eb4.237c: NT Headers: 0xe0 eb4.237c: Timestamp: 0x56bcd74c eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x56bcd74c eb4.237c: Image Version: 6.1 eb4.237c: SizeOfImage: 0x1aa000 (1744896) eb4.237c: Resource Dir: 0x14e000 LB 0x5a028 eb4.237c: ProductName: Microsoft® Windows® Operating System eb4.237c: ProductVersion: 6.1.7601.19160 eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600) eb4.237c: FileDescription: NT Layer DLL eb4.237c: \SystemRoot\System32\kernel32.dll: eb4.237c: CreationTime: 2016-03-15T07:00:57.458312200Z eb4.237c: LastWriteTime: 2016-02-11T18:44:34.819000000Z eb4.237c: ChangeTime: 2016-03-17T00:36:51.827533100Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x11c000 eb4.237c: NT Headers: 0xe8 eb4.237c: Timestamp: 0x56bcd73b eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x56bcd73b eb4.237c: Image Version: 6.1 eb4.237c: SizeOfImage: 0x11f000 (1175552) eb4.237c: Resource Dir: 0x116000 LB 0x528 eb4.237c: ProductName: Microsoft® Windows® Operating System eb4.237c: ProductVersion: 6.1.7601.19160 eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600) eb4.237c: FileDescription: Windows NT BASE API Client DLL eb4.237c: \SystemRoot\System32\KernelBase.dll: eb4.237c: CreationTime: 2016-03-15T07:00:58.494312200Z eb4.237c: LastWriteTime: 2016-02-11T18:44:34.850000000Z eb4.237c: ChangeTime: 2016-03-17T00:36:51.843533100Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x67200 eb4.237c: NT Headers: 0xe8 eb4.237c: Timestamp: 0x56bcd73c eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x56bcd73c eb4.237c: Image Version: 6.1 eb4.237c: SizeOfImage: 0x6b000 (438272) eb4.237c: Resource Dir: 0x69000 LB 0x530 eb4.237c: ProductName: Microsoft® Windows® Operating System eb4.237c: ProductVersion: 6.1.7601.19160 eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600) eb4.237c: FileDescription: Windows NT BASE API Client DLL eb4.237c: \SystemRoot\System32\apisetschema.dll: eb4.237c: CreationTime: 2016-03-15T07:01:00.001312200Z eb4.237c: LastWriteTime: 2016-02-11T18:41:37.445000000Z eb4.237c: ChangeTime: 2016-03-17T04:55:12.027519200Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x1a00 eb4.237c: NT Headers: 0xc0 eb4.237c: Timestamp: 0x56bcd628 eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x56bcd628 eb4.237c: Image Version: 6.1 eb4.237c: SizeOfImage: 0x50000 (327680) eb4.237c: Resource Dir: 0x30000 LB 0x3f8 eb4.237c: ProductName: Microsoft® Windows® Operating System eb4.237c: ProductVersion: 6.1.7601.19160 eb4.237c: FileVersion: 6.1.7601.19160 (win7sp1_gdr.160211-0600) eb4.237c: FileDescription: ApiSet Schema DLL eb4.237c: Found driver mfewfpk (0x20) eb4.237c: Found driver mfehidk (0x20) eb4.237c: Found driver mfeavfk (0x20) eb4.237c: Found driver dgmaster (0x2000) eb4.237c: Found driver mfeapfk (0x20) eb4.237c: Found driver mfefirek (0x20) eb4.237c: supR3HardenedWinFindAdversaries: 0x2020 eb4.237c: \SystemRoot\System32\drivers\mfeapfk.sys: eb4.237c: CreationTime: 2014-10-24T16:02:15.367758600Z eb4.237c: LastWriteTime: 2014-08-28T12:58:32.000000000Z eb4.237c: ChangeTime: 2016-03-17T04:54:54.898689100Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x2c548 eb4.237c: NT Headers: 0xe0 eb4.237c: Timestamp: 0x53ee4b6e eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x53ee4b6e eb4.237c: Image Version: 0.0 eb4.237c: SizeOfImage: 0x2a200 (172544) eb4.237c: Resource Dir: 0x29a00 LB 0x340 eb4.237c: ProductName: SYSCORE eb4.237c: FileVersion: SYSCORE.15.1.0.680 eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F16 eb4.237c: FileDescription: Access Protection Filter Driver eb4.237c: \SystemRoot\System32\drivers\mfeavfk.sys: eb4.237c: CreationTime: 2014-10-24T16:02:15.183758600Z eb4.237c: LastWriteTime: 2014-08-28T13:00:14.000000000Z eb4.237c: ChangeTime: 2016-03-17T05:48:21.146979900Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x4c948 eb4.237c: NT Headers: 0xe8 eb4.237c: Timestamp: 0x53ee4b7e eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x53ee4b7e eb4.237c: Image Version: 0.0 eb4.237c: SizeOfImage: 0x4a300 (303872) eb4.237c: Resource Dir: 0x49500 LB 0x718 eb4.237c: ProductName: SYSCORE eb4.237c: FileVersion: SYSCORE.15.1.0.680 eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F15,F16,F19 eb4.237c: FileDescription: Anti-Virus File System Filter Driver eb4.237c: \SystemRoot\System32\drivers\mfefirek.sys: eb4.237c: CreationTime: 2014-10-24T16:28:03.932756900Z eb4.237c: LastWriteTime: 2014-08-28T13:03:42.000000000Z eb4.237c: ChangeTime: 2016-03-17T05:48:21.178179900Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x80810 eb4.237c: NT Headers: 0xe8 eb4.237c: Timestamp: 0x53ee4bce eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x53ee4bce eb4.237c: Image Version: 0.0 eb4.237c: SizeOfImage: 0x7dd00 (515328) eb4.237c: Resource Dir: 0x7b380 LB 0x350 eb4.237c: ProductName: SYSCORE eb4.237c: FileVersion: SYSCORE.15.1.0.680 eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F17,F18 eb4.237c: FileDescription: McAfee Core Firewall Engine Driver eb4.237c: \SystemRoot\System32\drivers\mfehidk.sys: eb4.237c: CreationTime: 2014-10-24T16:02:14.427758600Z eb4.237c: LastWriteTime: 2014-08-28T13:08:02.000000000Z eb4.237c: ChangeTime: 2016-03-17T05:48:21.193779900Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0xbff78 eb4.237c: NT Headers: 0xf0 eb4.237c: Timestamp: 0x53ee4b36 eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x53ee4b36 eb4.237c: Image Version: 0.0 eb4.237c: SizeOfImage: 0xbce80 (773760) eb4.237c: Resource Dir: 0xba880 LB 0x348 eb4.237c: ProductName: SYSCORE eb4.237c: FileVersion: SYSCORE.15.1.0.680 eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F14,F15,F16,F18,F20 eb4.237c: FileDescription: McAfee Link Driver eb4.237c: \SystemRoot\System32\drivers\mfewfpk.sys: eb4.237c: CreationTime: 2014-10-24T16:02:09.204758600Z eb4.237c: LastWriteTime: 2014-08-28T13:17:38.000000000Z eb4.237c: ChangeTime: 2016-03-17T03:52:46.469633100Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x55188 eb4.237c: NT Headers: 0xf8 eb4.237c: Timestamp: 0x53ee4b46 eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x53ee4b46 eb4.237c: Image Version: 0.0 eb4.237c: SizeOfImage: 0x52a80 (338560) eb4.237c: Resource Dir: 0x51f00 LB 0x348 eb4.237c: ProductName: SYSCORE eb4.237c: FileVersion: SYSCORE.15.1.0.680 eb4.237c: PrivateBuild: SYSCORE.15.1.0.680 F17,F18 eb4.237c: FileDescription: Anti-Virus Mini-Firewall Driver eb4.237c: \SystemRoot\System32\drivers\dgmaster.sys: eb4.237c: CreationTime: 2014-10-24T16:29:07.261756900Z eb4.237c: LastWriteTime: 2013-06-11T18:04:28.000000000Z eb4.237c: ChangeTime: 2014-10-24T16:29:07.345756900Z eb4.237c: FileAttributes: 0x20 eb4.237c: Size: 0x1556f0 eb4.237c: NT Headers: 0x108 eb4.237c: Timestamp: 0x51b766a9 eb4.237c: Machine: 0x8664 - amd64 eb4.237c: Timestamp: 0x51b766a9 eb4.237c: Image Version: 6.1 eb4.237c: SizeOfImage: 0x16a000 (1482752) eb4.237c: Resource Dir: 0x12d000 LB 0x35f80 eb4.237c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox' eb4.237c: Calling main() eb4.237c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 eb4.237c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox' eb4.237c: SUPR3HardenedMain: Respawn #1 eb4.237c: System32: \Device\HarddiskVolume1\Windows\System32 eb4.237c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs eb4.237c: KnownDllPath: C:\Windows\system32 eb4.237c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports eb4.237c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe) eb4.237c: supR3HardNtEnableThreadCreation: eb4.237c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007714b170 pvNtTerminateThread=000000007716d8e0 eb4.237c: supR3HardenedWinDoReSpawn(1): New child e50.178c [kernel32]. eb4.237c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380 eb4.237c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077120000 uNtDllChildAddr=0000000077120000 eb4.237c: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007714b170 eb4.237c: supR3HardenedWinSetupChildInit: Start child. eb4.237c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. eb4.237c: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 43 sleeps eb4.237c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION eb4.237c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000 eb4.237c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000 eb4.237c: *0000000000030000-000000000002efff 0x0040/0x0040 0x0020000 !! eb4.237c: supHardNtVpFreeOrReplacePrivateExecMemory: Replacing exec mem at 0000000000030000 (LB 0x1000, 0000000000030000 LB 0x1000) eb4.237c: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [0000000000030000/0000000000030000 LB 0/0x1000] eb4.237c: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/0000000000030000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001 eb4.237c: Error (rc=-5673): eb4.237c: NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details eb4.237c: Error (rc=-5645): eb4.237c: Too many virtual memory regions. eb4.237c: Error (rc=-5673): eb4.237c: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details [rc=-5645] Too many virtual memory regions. eb4.237c: Error -5673 in supR3HardNtChildPurify! (enmWhat=5) eb4.237c: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details [rc=-5645] Too many virtual memory regions. eb4.237c: supR3HardNtEnableThreadCreation: