Bład przy odpaleniu

kosa669699 · 1 Kwietnia 2017

witam mam problem. Gdy odpalam maszyna na VB przyciskiem start nie moge odpalić

tu http://mailing.nie-spamuj.eu/mailing.html

RAZOR5171 · 1 Kwietnia 2017

Przeciez napiasne jest, zebys spojrzal do logow. Tam pewnie bedzie odpowiedz.

kosa669699 · 1 Kwietnia 2017

^masz

Failed to open the hard disk file D:\aaaaaaaaaaaaaaaaaaaaaaaaaaaa\FreeBSD 9.2\FreeBSD 9.2.vbox.

Could not get the storage format of the medium 'D:\aaaaaaaaaaaaaaaaaaaaaaaaaaaa\FreeBSD 9.2\FreeBSD 9.2.vbox' (VERR_NOT_SUPPORTED).

Result Code: VBOX_E_IPRT_ERROR (0x80BB0005)
Component: Medium
Interface: IMedium {05f2bbb6-a3a6-4fb9-9b49-6d0dda7142ac}
Callee: IVirtualBox {fafa4e17-1ee2-4905-a10e-fe7c18bf5554}
Callee RC: VBOX_E_OBJECT_NOT_FOUND (0x80BB0001)

RAZOR5171 · 1 Kwietnia 2017

Spróbuj zrobić reinstall virtualboxa. Upewnij sie, ze masz najnowsza wersje.

kosa669699 · 1 Kwietnia 2017

Pewnie 2 min

kosa669699 · 1 Kwietnia 2017

19f4.55c: Log file opened: 5.1.18r114002 g_hStartupLog=00000010 g_uNtVerCombined=0x611db100

19f4.55c: \SystemRoot\System32\ntdll.dll:

19f4.55c: CreationTime: 2009-07-13T23:11:59.457375200Z

19f4.55c: LastWriteTime: 2010-06-04T08:57:58.000000000Z

19f4.55c: ChangeTime: 2015-12-07T11:53:15.302623800Z

19f4.55c: FileAttributes: 0x20

19f4.55c: Size: 0x13a328

19f4.55c: NT Headers: 0xd0

19f4.55c: Timestamp: 0x4c08ad55

19f4.55c: Machine: 0x14c - i386

19f4.55c: Timestamp: 0x4c08ad55

19f4.55c: Image Version: 6.1

19f4.55c: SizeOfImage: 0x13c000 (1294336)

19f4.55c: Resource Dir: 0xe0000 LB 0x560d8

19f4.55c: ProductName: Microsoft® Windows® Operating System

19f4.55c: ProductVersion: 6.1.7601.16562

19f4.55c: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

19f4.55c: FileDescription: NT Layer DLL

19f4.55c: \SystemRoot\System32\kernel32.dll:

19f4.55c: CreationTime: 2009-07-13T23:16:43.375555200Z

19f4.55c: LastWriteTime: 2010-06-04T07:52:30.000000000Z

19f4.55c: ChangeTime: 2015-12-07T11:53:17.205732600Z

19f4.55c: FileAttributes: 0x20

19f4.55c: Size: 0xd1400

19f4.55c: NT Headers: 0xf0

19f4.55c: Timestamp: 0x4c08acb5

19f4.55c: Machine: 0x14c - i386

19f4.55c: Timestamp: 0x4c08acb5

19f4.55c: Image Version: 6.1

19f4.55c: SizeOfImage: 0xd4000 (868352)

19f4.55c: Resource Dir: 0xc7000 LB 0x528

19f4.55c: ProductName: Microsoft® Windows® Operating System

19f4.55c: ProductVersion: 6.1.7601.16562

19f4.55c: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

19f4.55c: FileDescription: Windows NT BASE API Client DLL

19f4.55c: \SystemRoot\System32\KernelBase.dll:

19f4.55c: CreationTime: 2009-07-13T23:12:07.023326700Z

19f4.55c: LastWriteTime: 2010-06-04T07:52:30.000000000Z

19f4.55c: ChangeTime: 2015-12-07T11:53:17.503749600Z

19f4.55c: FileAttributes: 0x20

19f4.55c: Size: 0x46400

19f4.55c: NT Headers: 0xe0

19f4.55c: Timestamp: 0x4c08acb6

19f4.55c: Machine: 0x14c - i386

19f4.55c: Timestamp: 0x4c08acb6

19f4.55c: Image Version: 6.1

19f4.55c: SizeOfImage: 0x4a000 (303104)

19f4.55c: Resource Dir: 0x46000 LB 0x530

19f4.55c: ProductName: Microsoft® Windows® Operating System

19f4.55c: ProductVersion: 6.1.7601.16562

19f4.55c: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

19f4.55c: FileDescription: Windows NT BASE API Client DLL

19f4.55c: \SystemRoot\System32\apisetschema.dll:

19f4.55c: CreationTime: 2009-07-13T23:10:57.463372600Z

19f4.55c: LastWriteTime: 2009-07-14T01:03:49.551000000Z

19f4.55c: ChangeTime: 2015-11-16T11:24:15.805522400Z

19f4.55c: FileAttributes: 0x20

19f4.55c: Size: 0x1a00

19f4.55c: NT Headers: 0xc0

19f4.55c: Timestamp: 0x4a5bd9b5

19f4.55c: Machine: 0x14c - i386

19f4.55c: Timestamp: 0x4a5bd9b5

19f4.55c: Image Version: 6.1

19f4.55c: SizeOfImage: 0x50000 (327680)

19f4.55c: Resource Dir: 0x30000 LB 0x3f0

19f4.55c: ProductName: Microsoft® Windows® Operating System

19f4.55c: ProductVersion: 6.1.7600.16385

19f4.55c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

19f4.55c: FileDescription: ApiSet Schema DLL

19f4.55c: supR3HardenedWinFindAdversaries: 0x0

19f4.55c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

19f4.55c: Calling main()

19f4.55c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2

19f4.55c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

19f4.55c: SUPR3HardenedMain: Respawn #1

19f4.55c: System32: \Device\HarddiskVolume1\Windows\System32

19f4.55c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs

19f4.55c: KnownDllPath: C:\Windows\system32

19f4.55c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports

19f4.55c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)

19f4.55c: supR3HardNtEnableThreadCreation:

19f4.55c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=76eaaf09 pvNtTerminateThread=76e959b8

19f4.55c: supR3HardenedWinDoReSpawn(1): New child 140c.1a7c [kernel32].

19f4.55c: supR3HardNtChildGatherData: PebBaseAddress=7ffdf000 cbPeb=0x248

19f4.55c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=76e50000 uNtDllChildAddr=76e50000

19f4.55c: supR3HardenedWinSetupChildInit: uLdrInitThunk=76eaaf09

19f4.55c: supR3HardenedWinSetupChildInit: Start child.

19f4.55c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 6 ms.

19f4.55c: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 0 sleeps

19f4.55c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION

19f4.55c: *00000000-fffeffff 0x0001/0x0000 0x0000000

19f4.55c: *00010000-fffeffff 0x0004/0x0004 0x0020000

19f4.55c: *00030000-0002bfff 0x0002/0x0002 0x0040000

19f4.55c: 00034000-00027fff 0x0001/0x0000 0x0000000

19f4.55c: *00040000-0003efff 0x0004/0x0004 0x0020000

19f4.55c: 00041000-fff91fff 0x0001/0x0000 0x0000000

19f4.55c: *000f0000-ffff2fff 0x0000/0x0004 0x0020000

19f4.55c: 001ed000-001ebfff 0x0104/0x0004 0x0020000

19f4.55c: 001ee000-001ebfff 0x0004/0x0004 0x0020000

19f4.55c: 001f0000-ff3cffff 0x0001/0x0000 0x0000000

19f4.55c: *01010000-01010fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 01011000-01075fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 01076000-01076fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 01077000-010affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010b0000-010b0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010b1000-010b1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010b2000-010b2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010b3000-010b3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010b4000-010b8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010b9000-010bbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 010bc000-010fffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

19f4.55c: 01100000-8b3affff 0x0001/0x0000 0x0000000

19f4.55c: *76e50000-76e50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

19f4.55c: 76e51000-76f26fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

19f4.55c: 76f27000-76f2ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

19f4.55c: 76f30000-76f8bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

19f4.55c: 76f8c000-76e87fff 0x0001/0x0000 0x0000000

19f4.55c: *77090000-77090fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll

19f4.55c: 77091000-6e171fff 0x0001/0x0000 0x0000000

19f4.55c: *7ffb0000-7ff8cfff 0x0002/0x0002 0x0040000

19f4.55c: 7ffd3000-7ffc7fff 0x0001/0x0000 0x0000000

19f4.55c: *7ffde000-7ffdcfff 0x0004/0x0004 0x0020000

19f4.55c: *7ffdf000-7ffddfff 0x0004/0x0004 0x0020000

19f4.55c: *7ffe0000-7ffdefff 0x0002/0x0002 0x0020000

19f4.55c: 7ffe1000-7ffd1fff 0x0001/0x0002 0x0020000

19f4.55c: apisetschema.dll: timestamp 0x4a5bd9b5 (rc=VINF_SUCCESS)

19f4.55c: VirtualBox.exe: timestamp 0x58c962da (rc=VINF_SUCCESS)

19f4.55c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports

19f4.55c: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports

19f4.55c: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports

19f4.55c: supR3HardNtChildPurify: Done after 303 ms and 0 fixes (loop #0).

19f4.55c: supR3HardNtEnableThreadCreation:

140c.1a7c: Log file opened: 5.1.18r114002 g_hStartupLog=00000004 g_uNtVerCombined=0x611db100

140c.1a7c: supR3HardenedVmProcessInit: uNtDllAddr=76e50000 g_uNtVerCombined=0x611db100

140c.1a7c: ntdll.dll: timestamp 0x4c08ad55 (rc=VINF_SUCCESS)

140c.1a7c: New simple heap: #1 002f0000 LB 0x400000 (for 1294336 allocation)

140c.1a7c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

140c.1a7c: System32: \Device\HarddiskVolume1\Windows\System32

140c.1a7c: WinSxS: \Device\HarddiskVolume1\Windows\winsxs

140c.1a7c: KnownDllPath: C:\Windows\system32

140c.1a7c: supR3HardenedVmProcessInit: Opening vboxdrv stub...

140c.1a7c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...

140c.1a7c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...

140c.1a7c: Registered Dll notification callback with NTDLL.

140c.1a7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)

140c.1a7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll

140c.1a7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000:<flags> [calling]

140c.1a7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

140c.1a7c: supR3HardenedDllNotificationCallback: load 75920000 LB 0x000d4000 C:\Windows\system32\kernel32.dll [fFlags=0x0]

140c.1a7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

140c.1a7c: supR3HardenedDllNotificationCallback: load 738d0000 LB 0x0004a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]

140c.1a7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)

140c.1a7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll

140c.1a7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75920000 'C:\Windows\system32\kernel32.dll'

140c.1a7c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=76eaaf09 pvNtTerminateThread=76e959b8

19f4.55c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 68 ms.

140c.1a7c: \SystemRoot\System32\ntdll.dll:

140c.1a7c: CreationTime: 2009-07-13T23:11:59.457375200Z

140c.1a7c: LastWriteTime: 2010-06-04T08:57:58.000000000Z

140c.1a7c: ChangeTime: 2015-12-07T11:53:15.302623800Z

140c.1a7c: FileAttributes: 0x20

140c.1a7c: Size: 0x13a328

140c.1a7c: NT Headers: 0xd0

140c.1a7c: Timestamp: 0x4c08ad55

140c.1a7c: Machine: 0x14c - i386

140c.1a7c: Timestamp: 0x4c08ad55

140c.1a7c: Image Version: 6.1

140c.1a7c: SizeOfImage: 0x13c000 (1294336)

140c.1a7c: Resource Dir: 0xe0000 LB 0x560d8

140c.1a7c: ProductName: Microsoft® Windows® Operating System

140c.1a7c: ProductVersion: 6.1.7601.16562

140c.1a7c: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

140c.1a7c: FileDescription: NT Layer DLL

140c.1a7c: \SystemRoot\System32\kernel32.dll:

140c.1a7c: CreationTime: 2009-07-13T23:16:43.375555200Z

140c.1a7c: LastWriteTime: 2010-06-04T07:52:30.000000000Z

140c.1a7c: ChangeTime: 2015-12-07T11:53:17.205732600Z

140c.1a7c: FileAttributes: 0x20

140c.1a7c: Size: 0xd1400

140c.1a7c: NT Headers: 0xf0

140c.1a7c: Timestamp: 0x4c08acb5

140c.1a7c: Machine: 0x14c - i386

140c.1a7c: Timestamp: 0x4c08acb5

140c.1a7c: Image Version: 6.1

140c.1a7c: SizeOfImage: 0xd4000 (868352)

140c.1a7c: Resource Dir: 0xc7000 LB 0x528

140c.1a7c: ProductName: Microsoft® Windows® Operating System

140c.1a7c: ProductVersion: 6.1.7601.16562

140c.1a7c: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

140c.1a7c: FileDescription: Windows NT BASE API Client DLL

140c.1a7c: \SystemRoot\System32\KernelBase.dll:

140c.1a7c: CreationTime: 2009-07-13T23:12:07.023326700Z

140c.1a7c: LastWriteTime: 2010-06-04T07:52:30.000000000Z

140c.1a7c: ChangeTime: 2015-12-07T11:53:17.503749600Z

140c.1a7c: FileAttributes: 0x20

140c.1a7c: Size: 0x46400

140c.1a7c: NT Headers: 0xe0

140c.1a7c: Timestamp: 0x4c08acb6

140c.1a7c: Machine: 0x14c - i386

140c.1a7c: Timestamp: 0x4c08acb6

140c.1a7c: Image Version: 6.1

140c.1a7c: SizeOfImage: 0x4a000 (303104)

140c.1a7c: Resource Dir: 0x46000 LB 0x530

140c.1a7c: ProductName: Microsoft® Windows® Operating System

140c.1a7c: ProductVersion: 6.1.7601.16562

140c.1a7c: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

140c.1a7c: FileDescription: Windows NT BASE API Client DLL

140c.1a7c: \SystemRoot\System32\apisetschema.dll:

140c.1a7c: CreationTime: 2009-07-13T23:10:57.463372600Z

140c.1a7c: LastWriteTime: 2009-07-14T01:03:49.551000000Z

140c.1a7c: ChangeTime: 2015-11-16T11:24:15.805522400Z

140c.1a7c: FileAttributes: 0x20

140c.1a7c: Size: 0x1a00

140c.1a7c: NT Headers: 0xc0

140c.1a7c: Timestamp: 0x4a5bd9b5

140c.1a7c: Machine: 0x14c - i386

140c.1a7c: Timestamp: 0x4a5bd9b5

140c.1a7c: Image Version: 6.1

140c.1a7c: SizeOfImage: 0x50000 (327680)

140c.1a7c: Resource Dir: 0x30000 LB 0x3f0

140c.1a7c: ProductName: Microsoft® Windows® Operating System

140c.1a7c: ProductVersion: 6.1.7600.16385

140c.1a7c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

140c.1a7c: FileDescription: ApiSet Schema DLL

140c.1a7c: supR3HardenedWinFindAdversaries: 0x0

140c.1a7c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

140c.1a7c: Calling main()

140c.1a7c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2

140c.1a7c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

140c.1a7c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports

140c.1a7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)

140c.1a7c: SUPR3HardenedMain: Respawn #2

140c.1a7c: supR3HardNtEnableThreadCreation:

140c.1a7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)

140c.1a7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll

140c.1a7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000:<flags> [calling]

140c.1a7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]

140c.1a7c: supR3HardenedDllNotificationCallback: load 735d0000 LB 0x0004b000 C:\Windows\system32\apphelp.dll [fFlags=0x0]

140c.1a7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]

140c.1a7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=735d0000 'C:\Windows\system32\apphelp.dll'

140c.1a7c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=76eaaf09 pvNtTerminateThread=76e959b8

140c.1a7c: supR3HardenedWinDoReSpawn(2): New child 1b34.8fc [kernel32].

140c.1a7c: supR3HardNtChildGatherData: PebBaseAddress=7ffd3000 cbPeb=0x248

140c.1a7c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=76e50000 uNtDllChildAddr=76e50000

140c.1a7c: supR3HardenedWinSetupChildInit: uLdrInitThunk=76eaaf09

140c.1a7c: supR3HardenedWinSetupChildInit: Start child.

140c.1a7c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 3 ms.

140c.1a7c: supR3HardNtChildPurify: Startup delay kludge #1/0: 261 ms, 0 sleeps

140c.1a7c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION

140c.1a7c: *00000000-fffeffff 0x0001/0x0000 0x0000000

140c.1a7c: *00010000-fffeffff 0x0004/0x0004 0x0020000

140c.1a7c: *00030000-0002bfff 0x0002/0x0002 0x0040000

140c.1a7c: 00034000-00027fff 0x0001/0x0000 0x0000000

140c.1a7c: *00040000-0003efff 0x0004/0x0004 0x0020000

140c.1a7c: 00041000-ffe81fff 0x0001/0x0000 0x0000000

140c.1a7c: *00200000-00102fff 0x0000/0x0004 0x0020000

140c.1a7c: 002fd000-002fbfff 0x0104/0x0004 0x0020000

140c.1a7c: 002fe000-002fbfff 0x0004/0x0004 0x0020000

140c.1a7c: 00300000-ff5effff 0x0001/0x0000 0x0000000

140c.1a7c: *01010000-01010fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 01011000-01075fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 01076000-01076fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 01077000-010affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010b0000-010b0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010b1000-010b1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010b2000-010b2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010b3000-010b3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010b4000-010b8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010b9000-010bbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 010bc000-010fffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe

140c.1a7c: 01100000-8b3affff 0x0001/0x0000 0x0000000

140c.1a7c: *76e50000-76e50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

140c.1a7c: 76e51000-76f26fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

140c.1a7c: 76f27000-76f2ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

140c.1a7c: 76f30000-76f8bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll

140c.1a7c: 76f8c000-76e87fff 0x0001/0x0000 0x0000000

140c.1a7c: *77090000-77090fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll

140c.1a7c: 77091000-6e171fff 0x0001/0x0000 0x0000000

140c.1a7c: *7ffb0000-7ff8cfff 0x0002/0x0002 0x0040000

140c.1a7c: *7ffd3000-7ffd1fff 0x0004/0x0004 0x0020000

140c.1a7c: 7ffd4000-7ffc8fff 0x0001/0x0000 0x0000000

140c.1a7c: *7ffdf000-7ffddfff 0x0004/0x0004 0x0020000

140c.1a7c: *7ffe0000-7ffdefff 0x0002/0x0002 0x0020000

140c.1a7c: 7ffe1000-7ffd1fff 0x0001/0x0002 0x0020000

140c.1a7c: apisetschema.dll: timestamp 0x4a5bd9b5 (rc=VINF_SUCCESS)

140c.1a7c: VirtualBox.exe: timestamp 0x58c962da (rc=VINF_SUCCESS)

140c.1a7c: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports

140c.1a7c: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports

140c.1a7c: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports

140c.1a7c: supR3HardNtChildPurify: Done after 303 ms and 0 fixes (loop #0).

1b34.8fc: Log file opened: 5.1.18r114002 g_hStartupLog=00000004 g_uNtVerCombined=0x611db100

1b34.8fc: supR3HardenedVmProcessInit: uNtDllAddr=76e50000 g_uNtVerCombined=0x611db100

1b34.8fc: ntdll.dll: timestamp 0x4c08ad55 (rc=VINF_SUCCESS)

1b34.8fc: New simple heap: #1 00300000 LB 0x400000 (for 1294336 allocation)

1b34.8fc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

1b34.8fc: System32: \Device\HarddiskVolume1\Windows\System32

1b34.8fc: WinSxS: \Device\HarddiskVolume1\Windows\winsxs

1b34.8fc: KnownDllPath: C:\Windows\system32

1b34.8fc: supR3HardenedVmProcessInit: Opening vboxdrv...

140c.1a7c: supR3HardenedEarlyCompact: Removed heap 1 (0x2f0000 LB 0x400000)

140c.1a7c: supR3HardNtEnableThreadCreation:

1b34.8fc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...

1b34.8fc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...

1b34.8fc: Registered Dll notification callback with NTDLL.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=00000000:<flags> [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 75920000 LB 0x000d4000 C:\Windows\system32\kernel32.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 738d0000 LB 0x0004a000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75920000 'C:\Windows\system32\kernel32.dll'

1b34.8fc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=76eaaf09 pvNtTerminateThread=76e959b8

1b34.8fc: \SystemRoot\System32\ntdll.dll:

1b34.8fc: CreationTime: 2009-07-13T23:11:59.457375200Z

1b34.8fc: LastWriteTime: 2010-06-04T08:57:58.000000000Z

1b34.8fc: ChangeTime: 2015-12-07T11:53:15.302623800Z

1b34.8fc: FileAttributes: 0x20

1b34.8fc: Size: 0x13a328

1b34.8fc: NT Headers: 0xd0

1b34.8fc: Timestamp: 0x4c08ad55

1b34.8fc: Machine: 0x14c - i386

1b34.8fc: Timestamp: 0x4c08ad55

1b34.8fc: Image Version: 6.1

1b34.8fc: SizeOfImage: 0x13c000 (1294336)

1b34.8fc: Resource Dir: 0xe0000 LB 0x560d8

1b34.8fc: ProductName: Microsoft® Windows® Operating System

1b34.8fc: ProductVersion: 6.1.7601.16562

1b34.8fc: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

1b34.8fc: FileDescription: NT Layer DLL

1b34.8fc: \SystemRoot\System32\kernel32.dll:

1b34.8fc: CreationTime: 2009-07-13T23:16:43.375555200Z

1b34.8fc: LastWriteTime: 2010-06-04T07:52:30.000000000Z

1b34.8fc: ChangeTime: 2015-12-07T11:53:17.205732600Z

1b34.8fc: FileAttributes: 0x20

1b34.8fc: Size: 0xd1400

1b34.8fc: NT Headers: 0xf0

1b34.8fc: Timestamp: 0x4c08acb5

1b34.8fc: Machine: 0x14c - i386

1b34.8fc: Timestamp: 0x4c08acb5

1b34.8fc: Image Version: 6.1

1b34.8fc: SizeOfImage: 0xd4000 (868352)

1b34.8fc: Resource Dir: 0xc7000 LB 0x528

1b34.8fc: ProductName: Microsoft® Windows® Operating System

1b34.8fc: ProductVersion: 6.1.7601.16562

1b34.8fc: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

1b34.8fc: FileDescription: Windows NT BASE API Client DLL

1b34.8fc: \SystemRoot\System32\KernelBase.dll:

1b34.8fc: CreationTime: 2009-07-13T23:12:07.023326700Z

1b34.8fc: LastWriteTime: 2010-06-04T07:52:30.000000000Z

1b34.8fc: ChangeTime: 2015-12-07T11:53:17.503749600Z

1b34.8fc: FileAttributes: 0x20

1b34.8fc: Size: 0x46400

1b34.8fc: NT Headers: 0xe0

1b34.8fc: Timestamp: 0x4c08acb6

1b34.8fc: Machine: 0x14c - i386

1b34.8fc: Timestamp: 0x4c08acb6

1b34.8fc: Image Version: 6.1

140c.1a7c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 14 ms.

1b34.8fc: SizeOfImage: 0x4a000 (303104)

1b34.8fc: Resource Dir: 0x46000 LB 0x530

1b34.8fc: ProductName: Microsoft® Windows® Operating System

1b34.8fc: ProductVersion: 6.1.7601.16562

1b34.8fc: FileVersion: 6.1.7601.16562 (win7sp1_beta.100603-1800)

1b34.8fc: FileDescription: Windows NT BASE API Client DLL

1b34.8fc: \SystemRoot\System32\apisetschema.dll:

1b34.8fc: CreationTime: 2009-07-13T23:10:57.463372600Z

1b34.8fc: LastWriteTime: 2009-07-14T01:03:49.551000000Z

1b34.8fc: ChangeTime: 2015-11-16T11:24:15.805522400Z

1b34.8fc: FileAttributes: 0x20

1b34.8fc: Size: 0x1a00

1b34.8fc: NT Headers: 0xc0

1b34.8fc: Timestamp: 0x4a5bd9b5

1b34.8fc: Machine: 0x14c - i386

1b34.8fc: Timestamp: 0x4a5bd9b5

1b34.8fc: Image Version: 6.1

1b34.8fc: SizeOfImage: 0x50000 (327680)

1b34.8fc: Resource Dir: 0x30000 LB 0x3f0

1b34.8fc: ProductName: Microsoft® Windows® Operating System

1b34.8fc: ProductVersion: 6.1.7600.16385

1b34.8fc: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

1b34.8fc: FileDescription: ApiSet Schema DLL

1b34.8fc: supR3HardenedWinFindAdversaries: 0x0

1b34.8fc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

1b34.8fc: Calling main()

1b34.8fc: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2

1b34.8fc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'

1b34.8fc: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)

1b34.8fc: SUPR3HardenedMain: Final process, opening VBoxDrv...

1b34.8fc: supR3HardenedEarlyCompact: Removed heap 1 (0x300000 LB 0x400000)

1b34.8fc: supR3HardNtEnableThreadCreation:

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 76030000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76030000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=76030000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 73750000 LB 0x0002d000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 755f0000 LB 0x000ac000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 737b0000 LB 0x0011c000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 73740000 LB 0x0000c000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 756a0000 LB 0x000a1000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73750000 'C:\Windows\system32\Wintrust.dll'

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 73280000 LB 0x00017000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73280000 'C:\Windows\system32\bcrypt.dll'

1b34.8fc: bcrypt.dll loaded at 73280000, BCryptOpenAlgorithmProvider at 73282cda, preloading providers:

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 72e30000 LB 0x0003d000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 75a50000 LB 0x000a0000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll

1b34.8fc: supR3HardenedDllNotificationCallback: load 76f90000 LB 0x00019000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=72e30000 'C:\Windows\system32\bcryptprimitives.dll'

1b34.8fc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=007c06b8)

1b34.8fc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=007c0c08)

1b34.8fc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=007c0ca8)

1b34.8fc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=007c0610)

1b34.8fc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=007c1bc0)

1b34.8fc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=007c1c60)

1b34.8fc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=007c1d00)

1b34.8fc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=007c1da0)

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 73260000 LB 0x00016000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73260000 'C:\Windows\system32\CRYPTSP.dll'

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 72eb0000 LB 0x0003b000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=72eb0000 'C:\Windows\system32\rsaenh.dll'

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75a50000 'C:\Windows\system32\ADVAPI32.dll'

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 73620000 LB 0x0000c000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73620000 'C:\Windows\system32\CRYPTBASE.dll'

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75920000 'C:\Windows\system32\kernel32.dll'

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73750000 'C:\Windows\system32\WINTRUST.DLL'

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=737b0000 'C:\Windows\system32\CRYPT32.dll'

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedDllNotificationCallback: load 75a10000 LB 0x0002a000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=75a10000 'C:\Windows\system32\imagehlp.dll'

1b34.8fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=007a2d94:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files\Yestony\Application;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Skype\Phone\ [calling]

1b34.8fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=73260000 'C:\Windows\system32\CRYPTSP.dll'

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.

1b34.8fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.

1b34.8fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)

1b34.8fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...

1b34.8fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]

1b34.8fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]