1184.2904: Log file opened: 4.3.28r100309 g_hStartupLog=0000000000000054 g_uNtVerCombined=0x611db110 1184.2904: \SystemRoot\System32\ntdll.dll: 1184.2904: CreationTime: 2015-06-16T09:45:56.689602800Z 1184.2904: LastWriteTime: 2015-03-17T05:19:37.641771700Z 1184.2904: ChangeTime: 2015-10-19T06:02:21.997720400Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x1a5da0 1184.2904: NT Headers: 0xe0 1184.2904: Timestamp: 0x5507b864 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x5507b864 1184.2904: Image Version: 6.1 1184.2904: SizeOfImage: 0x1a8000 (1736704) 1184.2904: Resource Dir: 0x14c000 LB 0x5a028 1184.2904: ProductName: Microsoft® Windows® Operating System 1184.2904: ProductVersion: 6.1.7601.18798 1184.2904: FileVersion: 6.1.7601.18798 (win7sp1_gdr.150316-1654) 1184.2904: FileDescription: NT Layer DLL 1184.2904: \SystemRoot\System32\kernel32.dll: 1184.2904: CreationTime: 2015-06-16T09:48:55.771604100Z 1184.2904: LastWriteTime: 2015-05-09T03:26:36.862000000Z 1184.2904: ChangeTime: 2015-10-19T05:32:20.447613100Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x11be00 1184.2904: NT Headers: 0xe8 1184.2904: Timestamp: 0x554d7df0 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x554d7df0 1184.2904: Image Version: 6.1 1184.2904: SizeOfImage: 0x11f000 (1175552) 1184.2904: Resource Dir: 0x116000 LB 0x528 1184.2904: ProductName: Microsoft® Windows® Operating System 1184.2904: ProductVersion: 6.1.7601.18847 1184.2904: FileVersion: 6.1.7601.18847 (win7sp1_gdr.150508-1512) 1184.2904: FileDescription: Windows NT BASE API Client DLL 1184.2904: \SystemRoot\System32\KernelBase.dll: 1184.2904: CreationTime: 2015-06-16T09:48:55.942761100Z 1184.2904: LastWriteTime: 2015-05-09T03:26:36.862000000Z 1184.2904: ChangeTime: 2015-10-19T05:32:20.457113100Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x67c00 1184.2904: NT Headers: 0xe8 1184.2904: Timestamp: 0x554d7df1 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x554d7df1 1184.2904: Image Version: 6.1 1184.2904: SizeOfImage: 0x6c000 (442368) 1184.2904: Resource Dir: 0x6a000 LB 0x530 1184.2904: ProductName: Microsoft® Windows® Operating System 1184.2904: ProductVersion: 6.1.7601.18847 1184.2904: FileVersion: 6.1.7601.18847 (win7sp1_gdr.150508-1512) 1184.2904: FileDescription: Windows NT BASE API Client DLL 1184.2904: \SystemRoot\System32\apisetschema.dll: 1184.2904: CreationTime: 2015-06-16T09:46:01.763502500Z 1184.2904: LastWriteTime: 2015-03-17T05:11:07.952000000Z 1184.2904: ChangeTime: 2015-10-19T06:02:22.015734800Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x1a00 1184.2904: NT Headers: 0xc0 1184.2904: Timestamp: 0x5507b7b1 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x5507b7b1 1184.2904: Image Version: 6.1 1184.2904: SizeOfImage: 0x50000 (327680) 1184.2904: Resource Dir: 0x30000 LB 0x3f8 1184.2904: ProductName: Microsoft® Windows® Operating System 1184.2904: ProductVersion: 6.1.7601.18798 1184.2904: FileVersion: 6.1.7601.18798 (win7sp1_gdr.150316-1654) 1184.2904: FileDescription: ApiSet Schema DLL 1184.2904: Found driver mfewfpk (0x20) 1184.2904: Found driver mfehidk (0x20) 1184.2904: Found driver mfeavfk (0x20) 1184.2904: Found driver mfeapfk (0x20) 1184.2904: Found driver dgmaster (0x2000) 1184.2904: Found driver mfefirek (0x20) 1184.2904: supR3HardenedWinFindAdversaries: 0x2020 1184.2904: \SystemRoot\System32\drivers\mfeapfk.sys: 1184.2904: CreationTime: 2014-10-20T11:24:40.462606400Z 1184.2904: LastWriteTime: 2014-10-20T11:24:30.256022700Z 1184.2904: ChangeTime: 2015-10-19T06:02:22.048761200Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x2c030 1184.2904: NT Headers: 0xe8 1184.2904: Timestamp: 0x52ab7fef 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x52ab7fef 1184.2904: Image Version: 0.0 1184.2904: SizeOfImage: 0x29d00 (171264) 1184.2904: Resource Dir: 0x29500 LB 0x340 1184.2904: ProductName: SYSCORE 1184.2904: FileVersion: SYSCORE.15.1.0.656 1184.2904: PrivateBuild: SYSCORE.15.1.0.656 F16 1184.2904: FileDescription: Access Protection Filter Driver 1184.2904: \SystemRoot\System32\drivers\mfeavfk.sys: 1184.2904: CreationTime: 2014-10-20T11:24:40.098585600Z 1184.2904: LastWriteTime: 2014-10-20T11:24:30.301025200Z 1184.2904: ChangeTime: 2015-10-19T06:02:22.092796400Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x4c130 1184.2904: NT Headers: 0xf0 1184.2904: Timestamp: 0x52ab8004 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x52ab8004 1184.2904: Image Version: 0.0 1184.2904: SizeOfImage: 0x49b00 (301824) 1184.2904: Resource Dir: 0x48d00 LB 0x718 1184.2904: ProductName: SYSCORE 1184.2904: FileVersion: SYSCORE.15.1.0.656 1184.2904: PrivateBuild: SYSCORE.15.1.0.656 F15,F16,F19 1184.2904: FileDescription: Anti-Virus File System Filter Driver 1184.2904: \SystemRoot\System32\drivers\mfefirek.sys: 1184.2904: CreationTime: 2014-10-20T11:27:55.996790400Z 1184.2904: LastWriteTime: 2013-12-17T08:26:26.000000000Z 1184.2904: ChangeTime: 2015-10-19T07:07:40.845175000Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x7ef78 1184.2904: NT Headers: 0xf0 1184.2904: Timestamp: 0x52ab8072 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x52ab8072 1184.2904: Image Version: 0.0 1184.2904: SizeOfImage: 0x7c480 (509056) 1184.2904: Resource Dir: 0x79b00 LB 0x350 1184.2904: ProductName: SYSCORE 1184.2904: FileVersion: SYSCORE.15.1.0.656 1184.2904: PrivateBuild: SYSCORE.15.1.0.656 F17,F18 1184.2904: FileDescription: McAfee Core Firewall Engine Driver 1184.2904: \SystemRoot\System32\drivers\mfehidk.sys: 1184.2904: CreationTime: 2014-10-20T11:24:39.534553400Z 1184.2904: LastWriteTime: 2014-10-20T11:24:30.494036300Z 1184.2904: ChangeTime: 2015-10-19T06:02:22.178865200Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0xbf278 1184.2904: NT Headers: 0xf0 1184.2904: Timestamp: 0x52ab7fc4 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x52ab7fc4 1184.2904: Image Version: 0.0 1184.2904: SizeOfImage: 0xbc180 (770432) 1184.2904: Resource Dir: 0xb9b80 LB 0x348 1184.2904: ProductName: SYSCORE 1184.2904: FileVersion: SYSCORE.15.1.0.656 1184.2904: PrivateBuild: SYSCORE.15.1.0.656 F14,F15,F16,F18,F20 1184.2904: FileDescription: McAfee Link Driver 1184.2904: \SystemRoot\System32\drivers\mfewfpk.sys: 1184.2904: CreationTime: 2014-10-20T11:24:34.170246500Z 1184.2904: LastWriteTime: 2014-10-20T11:24:30.707048500Z 1184.2904: ChangeTime: 2015-10-19T06:02:22.220898800Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x54070 1184.2904: NT Headers: 0xf0 1184.2904: Timestamp: 0x52ab7fd3 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x52ab7fd3 1184.2904: Image Version: 0.0 1184.2904: SizeOfImage: 0x51980 (334208) 1184.2904: Resource Dir: 0x50e80 LB 0x348 1184.2904: ProductName: SYSCORE 1184.2904: FileVersion: SYSCORE.15.1.0.656 1184.2904: PrivateBuild: SYSCORE.15.1.0.656 F17,F18 1184.2904: FileDescription: Anti-Virus Mini-Firewall Driver 1184.2904: \SystemRoot\System32\drivers\dgmaster.sys: 1184.2904: CreationTime: 2015-04-28T08:20:21.413098200Z 1184.2904: LastWriteTime: 2013-06-11T12:04:28.000000000Z 1184.2904: ChangeTime: 2015-10-19T06:02:22.257928400Z 1184.2904: FileAttributes: 0x20 1184.2904: Size: 0x1556f0 1184.2904: NT Headers: 0x108 1184.2904: Timestamp: 0x51b766a9 1184.2904: Machine: 0x8664 - amd64 1184.2904: Timestamp: 0x51b766a9 1184.2904: Image Version: 6.1 1184.2904: SizeOfImage: 0x16a000 (1482752) 1184.2904: Resource Dir: 0x12d000 LB 0x35f80 1184.2904: Calling main() 1184.2904: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2 1184.2904: SUPR3HardenedMain: Respawn #1 1184.2904: System32: \Device\HarddiskVolume1\Windows\System32 1184.2904: WinSxS: \Device\HarddiskVolume1\Windows\winsxs 1184.2904: KnownDllPath: C:\Windows\system32 1184.2904: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports 1184.2904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe) 1184.2904: supR3HardNtEnableThreadCreation: 1184.2904: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007778b690 pvNtTerminateThread=00000000777ae100 1184.2904: supR3HardenedWinDoReSpawn(1): New child 2b68.2188 [kernel32]. 1184.2904: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd3000 cbPeb=0x380 1184.2904: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077760000 uNtDllChildAddr=0000000077760000 1184.2904: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007778b690 1184.2904: supR3HardenedWinSetupChildInit: Start child. 1184.2904: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 1184.2904: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 33 sleeps 1184.2904: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 1184.2904: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000 1184.2904: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000 1184.2904: *0000000000030000-000000000002efff 0x0040/0x0040 0x0020000 !! 1184.2904: supHardNtVpFreeOrReplacePrivateExecMemory: Replacing exec mem at 0000000000030000 (LB 0x1000, 0000000000030000 LB 0x1000) 1184.2904: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [0000000000030000/0000000000030000 LB 0/0x1000] 1184.2904: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/0000000000030000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001 1184.2904: Error (rc=-5673): 1184.2904: NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details 1184.2904: Error (rc=-5645): 1184.2904: Too many virtual memory regions. 1184.2904: Error (rc=-5673): 1184.2904: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details [rc=-5645] Too many virtual memory regions. 1184.2904: Error -5673 in supR3HardNtChildPurify! (enmWhat=5) 1184.2904: supHardenedWinVerifyProcess failed with Unknown Status -5673 (0xffffe9d7): NtAllocateVirtualMemory (0000000000030000 LB 0x1000) failed with rcNt=0xc0000018 allocating replacement memory for working around buggy protection software. See VBoxStartup.log for more details [rc=-5645] Too many virtual memory regions. 1184.2904: supR3HardNtEnableThreadCreation: