wabarbosa
(usa Outra)
Enviado em 26/06/2019 - 20:16h
Instalei virtualbox versão VirtualBox-6.0.8-130520-Win
ele deu erro ao inciar, vi alguns tutoriais antigos e a alternativa iniciar pelas opções "Headless" e "Destacável" funcionavam, porem desde ontem que não funciona mais, já desinstalei, instalei extensões, fiz limpeza de disco pelo clean e nada. meu pc tem 8gb de memoria, configurei com 1500 a 3gb e nada.
Algum me ajude.
Falha ao abrir uma sessão para a máquina virtual Nova.
The virtual machine 'Nova' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'C:\Users\Wanderson\VirtualBox VMs\Nova\Logs\VBoxHardening.log'.
Código de Resultado: E_FAIL (0x80004005)
Componente: MachineWrap
Interface: IMachine {5047460a-265d-4538-b23e-ddba5fb84976}
147c.15d4: Log file opened: 6.0.8r130520 g_hStartupLog=000000000000001c g_uNtVerCombined=0x611db000
147c.15d4: \SystemRoot\System32\ntdll.dll:
147c.15d4: CreationTime: 2009-07-13T23:22:13.778197900Z
147c.15d4: LastWriteTime: 2009-07-14T01:43:10.969080300Z
147c.15d4: ChangeTime: 2014-12-19T04:08:07.816293100Z
147c.15d4: FileAttributes: 0x20
147c.15d4: Size: 0x1a8058
147c.15d4: NT Headers: 0xe8
147c.15d4: Timestamp: 0x4a5be02b
147c.15d4: Machine: 0x8664 - amd64
147c.15d4: Timestamp: 0x4a5be02b
147c.15d4: Image Version: 6.1
147c.15d4: SizeOfImage: 0x1ab000 (1748992)
147c.15d4: Resource Dir: 0x153000 LB 0x560d0
147c.15d4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
147c.15d4: [Raw version resource data: 0x1530f0 LB 0x378, codepage 0x0 (reserved 0x0)]
147c.15d4: ProductName: Microsoft® Windows® Operating System
147c.15d4: ProductVersion: 6.1.7600.16385
147c.15d4: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
147c.15d4: FileDescription: NT Layer DLL
147c.15d4: \SystemRoot\System32\kernel32.dll:
147c.15d4: CreationTime: 2009-07-13T23:28:56.812047100Z
147c.15d4: LastWriteTime: 2009-07-14T01:41:13.689000000Z
147c.15d4: ChangeTime: 2014-12-19T04:07:51.139863800Z
147c.15d4: FileAttributes: 0x20
147c.15d4: Size: 0x11bc00
147c.15d4: NT Headers: 0xe0
147c.15d4: Timestamp: 0x4a5bdfdf
147c.15d4: Machine: 0x8664 - amd64
147c.15d4: Timestamp: 0x4a5bdfdf
147c.15d4: Image Version: 6.1
147c.15d4: SizeOfImage: 0x11f000 (1175552)
147c.15d4: Resource Dir: 0x116000 LB 0x520
147c.15d4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
147c.15d4: [Raw version resource data: 0x1160b0 LB 0x39c, codepage 0x0 (reserved 0x0)]
147c.15d4: ProductName: Microsoft® Windows® Operating System
147c.15d4: ProductVersion: 6.1.7600.16385
147c.15d4: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
147c.15d4: FileDescription: Windows NT BASE API Client DLL
147c.15d4: \SystemRoot\System32\KernelBase.dll:
147c.15d4: CreationTime: 2009-07-13T23:20:03.551902300Z
147c.15d4: LastWriteTime: 2009-07-14T01:41:13.689000000Z
147c.15d4: ChangeTime: 2014-12-19T04:07:51.280264000Z
147c.15d4: FileAttributes: 0x20
147c.15d4: Size: 0x66e00
147c.15d4: NT Headers: 0xf0
147c.15d4: Timestamp: 0x4a5bdfe0
147c.15d4: Machine: 0x8664 - amd64
147c.15d4: Timestamp: 0x4a5bdfe0
147c.15d4: Image Version: 6.1
147c.15d4: SizeOfImage: 0x6b000 (438272)
147c.15d4: Resource Dir: 0x69000 LB 0x528
147c.15d4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
147c.15d4: [Raw version resource data: 0x690b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
147c.15d4: ProductName: Microsoft® Windows® Operating System
147c.15d4: ProductVersion: 6.1.7600.16385
147c.15d4: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
147c.15d4: FileDescription: Windows NT BASE API Client DLL
147c.15d4: \SystemRoot\System32\apisetschema.dll:
147c.15d4: CreationTime: 2009-07-13T23:18:54.866423200Z
147c.15d4: LastWriteTime: 2009-07-14T01:24:53.779000000Z
147c.15d4: ChangeTime: 2014-12-19T04:07:38.675441900Z
147c.15d4: FileAttributes: 0x20
147c.15d4: Size: 0x1a00
147c.15d4: NT Headers: 0xc0
147c.15d4: Timestamp: 0x4a5bdeab
147c.15d4: Machine: 0x8664 - amd64
147c.15d4: Timestamp: 0x4a5bdeab
147c.15d4: Image Version: 6.1
147c.15d4: SizeOfImage: 0x50000 (327680)
147c.15d4: Resource Dir: 0x30000 LB 0x3f0
147c.15d4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
147c.15d4: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]
147c.15d4: ProductName: Microsoft® Windows® Operating System
147c.15d4: ProductVersion: 6.1.7600.16385
147c.15d4: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
147c.15d4: FileDescription: ApiSet Schema DLL
147c.15d4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
147c.15d4: supR3HardenedWinFindAdversaries: 0x400
147c.15d4: \SystemRoot\System32\drivers\MpFilter.sys:
147c.15d4: CreationTime: 2014-07-17T20:05:06.000000000Z
147c.15d4: LastWriteTime: 2014-07-17T20:05:06.000000000Z
147c.15d4: ChangeTime: 2014-12-18T22:55:15.829731100Z
147c.15d4: FileAttributes: 0x20
147c.15d4: Size: 0x41ad0
147c.15d4: NT Headers: 0xf0
147c.15d4: Timestamp: 0x53bdfdba
147c.15d4: Machine: 0x8664 - amd64
147c.15d4: Timestamp: 0x53bdfdba
147c.15d4: Image Version: 6.3
147c.15d4: SizeOfImage: 0x42000 (270336)
147c.15d4: Resource Dir: 0x40000 LB 0xd50
147c.15d4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
147c.15d4: [Raw version resource data: 0x40110 LB 0x37c, codepage 0x0 (reserved 0x0)]
147c.15d4: ProductName: Microsoft Malware Protection
147c.15d4: ProductVersion: 4.6.0300.0
147c.15d4: FileVersion: 4.6.0300.0
147c.15d4: FileDescription: Microsoft antimalware file system filter driver
147c.15d4: \SystemRoot\System32\drivers\NisDrvWFP.sys:
147c.15d4: CreationTime: 2014-07-17T20:05:06.000000000Z
147c.15d4: LastWriteTime: 2014-07-17T20:05:06.000000000Z
147c.15d4: ChangeTime: 2014-12-18T22:55:14.841674500Z
147c.15d4: FileAttributes: 0x20
147c.15d4: Size: 0x1ea90
147c.15d4: NT Headers: 0xe0
147c.15d4: Timestamp: 0x53bdfde3
147c.15d4: Machine: 0x8664 - amd64
147c.15d4: Timestamp: 0x53bdfde3
147c.15d4: Image Version: 6.3
147c.15d4: SizeOfImage: 0x1f000 (126976)
147c.15d4: Resource Dir: 0x1c000 LB 0x1b90
147c.15d4: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
147c.15d4: [Raw version resource data: 0x1d728 LB 0x380, codepage 0x0 (reserved 0x0)]
147c.15d4: ProductName: Microsoft Malware Protection
147c.15d4: ProductVersion: 4.6.0300.0
147c.15d4: FileVersion: 4.6.0300.0
147c.15d4: FileDescription: Microsoft Network Realtime Inspection Driver
147c.15d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
147c.15d4: Calling main()
147c.15d4: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
147c.15d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
147c.15d4: SUPR3HardenedMain: Respawn #1
147c.15d4: System32: \Device\HarddiskVolume2\Windows\System32
147c.15d4: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
147c.15d4: KnownDllPath: C:\Windows\system32
147c.15d4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
147c.15d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
147c.15d4: supR3HardNtEnableThreadCreation:
147c.15d4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077483080 pvNtTerminateThread=00000000774a03e0
147c.15d4: supR3HardenedWinDoReSpawn(1): New child f40.660 [kernel32].
147c.15d4: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
147c.15d4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077450000 uNtDllChildAddr=0000000077450000
147c.15d4: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077483080
147c.15d4: supR3HardenedWinSetupChildInit: Start child.
147c.15d4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
147c.15d4: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 64 sleeps
147c.15d4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
147c.15d4: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
147c.15d4: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
147c.15d4: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
147c.15d4: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
147c.15d4: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
147c.15d4: 0000000000041000-00000000001dffff 0x0001/0x0000 0x0000000
147c.15d4: *00000000001e0000-00000000002dbfff 0x0000/0x0004 0x0020000
147c.15d4: 00000000002dc000-00000000002ddfff 0x0104/0x0004 0x0020000
147c.15d4: 00000000002de000-00000000002dffff 0x0004/0x0004 0x0020000
147c.15d4: 00000000002e0000-000000007744ffff 0x0001/0x0000 0x0000000
147c.15d4: *0000000077450000-0000000077450fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
147c.15d4: 0000000077451000-0000000077552fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
147c.15d4: 0000000077553000-0000000077582fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
147c.15d4: 0000000077583000-000000007758efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
147c.15d4: 000000007758f000-00000000775fafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
147c.15d4: 00000000775fb000-000000007efdffff 0x0001/0x0000 0x0000000
147c.15d4: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
147c.15d4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
147c.15d4: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
147c.15d4: 000000007fff0000-000000013fbaffff 0x0001/0x0000 0x0000000
147c.15d4: *000000013fbb0000-000000013fbb0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fbb1000-000000013fc25fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc26000-000000013fc26fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc27000-000000013fc6dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc6e000-000000013fc6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc6f000-000000013fc6ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc70000-000000013fc74fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc75000-000000013fc75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc76000-000000013fc76fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc77000-000000013fc7afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fc7b000-000000013fcc3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
147c.15d4: 000000013fcc4000-000007feff76ffff 0x0001/0x0000 0x0000000
147c.15d4: *000007feff770000-000007feff770fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
147c.15d4: 000007feff771000-000007fffffaffff 0x0001/0x0000 0x0000000
147c.15d4: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
147c.15d4: 000007fffffd3000-000007fffffdcfff 0x0001/0x0000 0x0000000
147c.15d4: *000007fffffdd000-000007fffffdefff 0x0004/0x0004 0x0020000
147c.15d4: *000007fffffdf000-000007fffffdffff 0x0004/0x0004 0x0020000
147c.15d4: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
147c.15d4: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
147c.15d4: VBoxHeadless.exe: timestamp 0x5cd96def (rc=VINF_SUCCESS)
147c.15d4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
147c.15d4: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
147c.15d4: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
147c.15d4: supR3HardNtChildPurify: Done after 540 ms and 0 fixes (loop #0).
147c.15d4: supR3HardNtEnableThreadCreation:
f40.660: Log file opened: 6.0.8r130520 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db000
f40.660: supR3HardenedVmProcessInit: uNtDllAddr=0000000077450000 g_uNtVerCombined=0x611db000
f40.660: ntdll.dll: timestamp 0x4a5be02b (rc=VINF_SUCCESS)
f40.660: New simple heap: #1 00000000002e0000 LB 0x400000 (for 1748992 allocation)
f40.660: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
f40.660: System32: \Device\HarddiskVolume2\Windows\System32
f40.660: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
f40.660: KnownDllPath: C:\Windows\system32
f40.660: supR3HardenedVmProcessInit: Opening vboxdrv stub...
f40.660: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
f40.660: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
f40.660: Registered Dll notification callback with NTDLL.
f40.660: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
f40.660: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
f40.660: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
f40.660: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
f40.660: supR3HardenedDllNotificationCallback: load 0000000077330000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
f40.660: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
f40.660: supR3HardenedDllNotificationCallback: load 000007fefd5a0000 LB 0x0006b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
f40.660: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
f40.660: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
f40.660: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077330000 'C:\Windows\system32\kernel32.dll'
f40.660: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077483080 pvNtTerminateThread=00000000774a03e0
f40.660: \SystemRoot\System32\ntdll.dll:
f40.660: CreationTime: 2009-07-13T23:22:13.778197900Z
f40.660: LastWriteTime: 2009-07-14T01:43:10.969080300Z
f40.660: ChangeTime: 2014-12-19T04:08:07.816293100Z
f40.660: FileAttributes: 0x20
f40.660: Size: 0x1a8058
f40.660: NT Headers: 0xe8
f40.660: Timestamp: 0x4a5be02b
f40.660: Machine: 0x8664 - amd64
f40.660: Timestamp: 0x4a5be02b
f40.660: Image Version: 6.1
f40.660: SizeOfImage: 0x1ab000 (1748992)
f40.660: Resource Dir: 0x153000 LB 0x560d0
f40.660: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
f40.660: [Raw version resource data: 0x1530f0 LB 0x378, codepage 0x0 (reserved 0x0)]
f40.660: ProductName: Microsoft® Windows® Operating System
f40.660: ProductVersion: 6.1.7600.16385
f40.660: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
f40.660: FileDescription: NT Layer DLL
f40.660: \SystemRoot\System32\kernel32.dll:
f40.660: CreationTime: 2009-07-13T23:28:56.812047100Z
f40.660: LastWriteTime: 2009-07-14T01:41:13.689000000Z
f40.660: ChangeTime: 2014-12-19T04:07:51.139863800Z
f40.660: FileAttributes: 0x20
f40.660: Size: 0x11bc00
f40.660: NT Headers: 0xe0
f40.660: Timestamp: 0x4a5bdfdf
f40.660: Machine: 0x8664 - amd64
f40.660: Timestamp: 0x4a5bdfdf
f40.660: Image Version: 6.1
f40.660: SizeOfImage: 0x11f000 (1175552)
f40.660: Resource Dir: 0x116000 LB 0x520
f40.660: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
f40.660: [Raw version resource data: 0x1160b0 LB 0x39c, codepage 0x0 (reserved 0x0)]
f40.660: ProductName: Microsoft® Windows® Operating System
f40.660: ProductVersion: 6.1.7600.16385
f40.660: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
f40.660: FileDescription: Windows NT BASE API Client DLL
f40.660: \SystemRoot\System32\KernelBase.dll:
f40.660: CreationTime: 2009-07-13T23:20:03.551902300Z
f40.660: LastWriteTime: 2009-07-14T01:41:13.689000000Z
f40.660: ChangeTime: 2014-12-19T04:07:51.280264000Z
f40.660: FileAttributes: 0x20
f40.660: Size: 0x66e00
f40.660: NT Headers: 0xf0
f40.660: Timestamp: 0x4a5bdfe0
f40.660: Machine: 0x8664 - amd64
f40.660: Timestamp: 0x4a5bdfe0
f40.660: Image Version: 6.1
f40.660: SizeOfImage: 0x6b000 (438272)
f40.660: Resource Dir: 0x69000 LB 0x528
f40.660: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
f40.660: [Raw version resource data: 0x690b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
f40.660: ProductName: Microsoft® Windows® Operating System
f40.660: ProductVersion: 6.1.7600.16385
f40.660: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
f40.660: FileDescription: Windows NT BASE API Client DLL
f40.660: \SystemRoot\System32\apisetschema.dll:
f40.660: CreationTime: 2009-07-13T23:18:54.866423200Z
f40.660: LastWriteTime: 2009-07-14T01:24:53.779000000Z
f40.660: ChangeTime: 2014-12-19T04:07:38.675441900Z
f40.660: FileAttributes: 0x20
f40.660: Size: 0x1a00
f40.660: NT Headers: 0xc0
f40.660: Timestamp: 0x4a5bdeab
f40.660: Machine: 0x8664 - amd64
f40.660: Timestamp: 0x4a5bdeab
f40.660: Image Version: 6.1
f40.660: SizeOfImage: 0x50000 (327680)
f40.660: Resource Dir: 0x30000 LB 0x3f0
f40.660: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
f40.660: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]
f40.660: ProductName: Microsoft® Windows® Operating System
f40.660: ProductVersion: 6.1.7600.16385
f40.660: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
f40.660: FileDescription: ApiSet Schema DLL
f40.660: NtOpenDirectoryObject failed on \Driver: 0xc0000022
147c.15d4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 5024 ms.
f40.660: supR3HardenedWinFindAdversaries: 0x400
f40.660: \SystemRoot\System32\drivers\MpFilter.sys:
f40.660: CreationTime: 2014-07-17T20:05:06.000000000Z
f40.660: LastWriteTime: 2014-07-17T20:05:06.000000000Z
f40.660: ChangeTime: 2014-12-18T22:55:15.829731100Z
f40.660: FileAttributes: 0x20
f40.660: Size: 0x41ad0
f40.660: NT Headers: 0xf0
f40.660: Timestamp: 0x53bdfdba
f40.660: Machine: 0x8664 - amd64
f40.660: Timestamp: 0x53bdfdba
f40.660: Image Version: 6.3
f40.660: SizeOfImage: 0x42000 (270336)
f40.660: Resource Dir: 0x40000 LB 0xd50
f40.660: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
f40.660: [Raw version resource data: 0x40110 LB 0x37c, codepage 0x0 (reserved 0x0)]
f40.660: ProductName: Microsoft Malware Protection
f40.660: ProductVersion: 4.6.0300.0
f40.660: FileVersion: 4.6.0300.0
f40.660: FileDescription: Microsoft antimalware file system filter driver
f40.660: \SystemRoot\System32\drivers\NisDrvWFP.sys:
f40.660: CreationTime: 2014-07-17T20:05:06.000000000Z
f40.660: LastWriteTime: 2014-07-17T20:05:06.000000000Z
f40.660: ChangeTime: 2014-12-18T22:55:14.841674500Z
f40.660: FileAttributes: 0x20
f40.660: Size: 0x1ea90
f40.660: NT Headers: 0xe0
f40.660: Timestamp: 0x53bdfde3
f40.660: Machine: 0x8664 - amd64
f40.660: Timestamp: 0x53bdfde3
f40.660: Image Version: 6.3
f40.660: SizeOfImage: 0x1f000 (126976)
f40.660: Resource Dir: 0x1c000 LB 0x1b90
f40.660: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
f40.660: [Raw version resource data: 0x1d728 LB 0x380, codepage 0x0 (reserved 0x0)]
f40.660: ProductName: Microsoft Malware Protection
f40.660: ProductVersion: 4.6.0300.0
f40.660: FileVersion: 4.6.0300.0
f40.660: FileDescription: Microsoft Network Realtime Inspection Driver
f40.660: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
f40.660: Calling main()
f40.660: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
f40.660: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
f40.660: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
f40.660: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
f40.660: SUPR3HardenedMain: Respawn #2
f40.660: supR3HardNtEnableThreadCreation:
f40.660: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
f40.660: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
f40.660: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
f40.660: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
f40.660: supR3HardenedDllNotificationCallback: load 000007fefd240000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
f40.660: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
f40.660: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd240000 'C:\Windows\system32\apphelp.dll'
f40.660: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077483080 pvNtTerminateThread=00000000774a03e0
f40.660: supR3HardenedWinDoReSpawn(2): New child 1b70.17e0 [kernel32].
f40.660: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd7000 cbPeb=0x380
f40.660: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077450000 uNtDllChildAddr=0000000077450000
f40.660: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077483080
f40.660: supR3HardenedWinSetupChildInit: Start child.
f40.660: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
f40.660: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
f40.660: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
f40.660: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
f40.660: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
f40.660: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
f40.660: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
f40.660: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
f40.660: 0000000000041000-000000000013ffff 0x0001/0x0000 0x0000000
f40.660: *0000000000140000-000000000023bfff 0x0000/0x0004 0x0020000
f40.660: 000000000023c000-000000000023dfff 0x0104/0x0004 0x0020000
f40.660: 000000000023e000-000000000023ffff 0x0004/0x0004 0x0020000
f40.660: 0000000000240000-000000007744ffff 0x0001/0x0000 0x0000000
f40.660: *0000000077450000-0000000077450fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
f40.660: 0000000077451000-0000000077552fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
f40.660: 0000000077553000-0000000077582fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
f40.660: 0000000077583000-000000007758efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
f40.660: 000000007758f000-00000000775fafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
f40.660: 00000000775fb000-000000007efdffff 0x0001/0x0000 0x0000000
f40.660: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
f40.660: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
f40.660: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
f40.660: 000000007fff0000-000000013fbaffff 0x0001/0x0000 0x0000000
f40.660: *000000013fbb0000-000000013fbb0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fbb1000-000000013fc25fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc26000-000000013fc26fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc27000-000000013fc6dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc6e000-000000013fc6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc6f000-000000013fc6ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc70000-000000013fc74fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc75000-000000013fc75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc76000-000000013fc76fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc77000-000000013fc7afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fc7b000-000000013fcc3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
f40.660: 000000013fcc4000-000007feff76ffff 0x0001/0x0000 0x0000000
f40.660: *000007feff770000-000007feff770fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
f40.660: 000007feff771000-000007fffffaffff 0x0001/0x0000 0x0000000
f40.660: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
f40.660: 000007fffffd3000-000007fffffd6fff 0x0001/0x0000 0x0000000
f40.660: *000007fffffd7000-000007fffffd7fff 0x0004/0x0004 0x0020000
f40.660: 000007fffffd8000-000007fffffddfff 0x0001/0x0000 0x0000000
f40.660: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
f40.660: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
f40.660: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
f40.660: VBoxHeadless.exe: timestamp 0x5cd96def (rc=VINF_SUCCESS)
f40.660: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
f40.660: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
f40.660: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
f40.660: supR3HardNtChildPurify: Done after 556 ms and 0 fixes (loop #0).
1b70.17e0: Log file opened: 6.0.8r130520 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db000
f40.660: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002e0000 LB 0x400000)
1b70.17e0: supR3HardenedVmProcessInit: uNtDllAddr=0000000077450000 g_uNtVerCombined=0x611db000
f40.660: supR3HardNtEnableThreadCreation:
1b70.17e0: ntdll.dll: timestamp 0x4a5be02b (rc=VINF_SUCCESS)
1b70.17e0: New simple heap: #1 0000000000340000 LB 0x400000 (for 1748992 allocation)
1b70.17e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1b70.17e0: System32: \Device\HarddiskVolume2\Windows\System32
1b70.17e0: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
1b70.17e0: KnownDllPath: C:\Windows\system32
1b70.17e0: supR3HardenedVmProcessInit: Opening vboxdrv...
1b70.17e0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1b70.17e0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1b70.17e0: Registered Dll notification callback with NTDLL.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 0000000077330000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefd5a0000 LB 0x0006b000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077330000 'C:\Windows\system32\kernel32.dll'
1b70.17e0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077483080 pvNtTerminateThread=00000000774a03e0
1b70.17e0: \SystemRoot\System32\ntdll.dll:
1b70.17e0: CreationTime: 2009-07-13T23:22:13.778197900Z
1b70.17e0: LastWriteTime: 2009-07-14T01:43:10.969080300Z
1b70.17e0: ChangeTime: 2014-12-19T04:08:07.816293100Z
1b70.17e0: FileAttributes: 0x20
1b70.17e0: Size: 0x1a8058
1b70.17e0: NT Headers: 0xe8
1b70.17e0: Timestamp: 0x4a5be02b
1b70.17e0: Machine: 0x8664 - amd64
1b70.17e0: Timestamp: 0x4a5be02b
1b70.17e0: Image Version: 6.1
1b70.17e0: SizeOfImage: 0x1ab000 (1748992)
1b70.17e0: Resource Dir: 0x153000 LB 0x560d0
1b70.17e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1b70.17e0: [Raw version resource data: 0x1530f0 LB 0x378, codepage 0x0 (reserved 0x0)]
1b70.17e0: ProductName: Microsoft® Windows® Operating System
1b70.17e0: ProductVersion: 6.1.7600.16385
1b70.17e0: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
1b70.17e0: FileDescription: NT Layer DLL
1b70.17e0: \SystemRoot\System32\kernel32.dll:
1b70.17e0: CreationTime: 2009-07-13T23:28:56.812047100Z
1b70.17e0: LastWriteTime: 2009-07-14T01:41:13.689000000Z
1b70.17e0: ChangeTime: 2014-12-19T04:07:51.139863800Z
1b70.17e0: FileAttributes: 0x20
1b70.17e0: Size: 0x11bc00
1b70.17e0: NT Headers: 0xe0
1b70.17e0: Timestamp: 0x4a5bdfdf
1b70.17e0: Machine: 0x8664 - amd64
1b70.17e0: Timestamp: 0x4a5bdfdf
1b70.17e0: Image Version: 6.1
1b70.17e0: SizeOfImage: 0x11f000 (1175552)
1b70.17e0: Resource Dir: 0x116000 LB 0x520
1b70.17e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1b70.17e0: [Raw version resource data: 0x1160b0 LB 0x39c, codepage 0x0 (reserved 0x0)]
1b70.17e0: ProductName: Microsoft® Windows® Operating System
1b70.17e0: ProductVersion: 6.1.7600.16385
1b70.17e0: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
1b70.17e0: FileDescription: Windows NT BASE API Client DLL
1b70.17e0: \SystemRoot\System32\KernelBase.dll:
1b70.17e0: CreationTime: 2009-07-13T23:20:03.551902300Z
1b70.17e0: LastWriteTime: 2009-07-14T01:41:13.689000000Z
1b70.17e0: ChangeTime: 2014-12-19T04:07:51.280264000Z
1b70.17e0: FileAttributes: 0x20
1b70.17e0: Size: 0x66e00
1b70.17e0: NT Headers: 0xf0
1b70.17e0: Timestamp: 0x4a5bdfe0
1b70.17e0: Machine: 0x8664 - amd64
1b70.17e0: Timestamp: 0x4a5bdfe0
1b70.17e0: Image Version: 6.1
1b70.17e0: SizeOfImage: 0x6b000 (438272)
1b70.17e0: Resource Dir: 0x69000 LB 0x528
1b70.17e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1b70.17e0: [Raw version resource data: 0x690b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
1b70.17e0: ProductName: Microsoft® Windows® Operating System
1b70.17e0: ProductVersion: 6.1.7600.16385
1b70.17e0: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
1b70.17e0: FileDescription: Windows NT BASE API Client DLL
1b70.17e0: \SystemRoot\System32\apisetschema.dll:
1b70.17e0: CreationTime: 2009-07-13T23:18:54.866423200Z
1b70.17e0: LastWriteTime: 2009-07-14T01:24:53.779000000Z
1b70.17e0: ChangeTime: 2014-12-19T04:07:38.675441900Z
1b70.17e0: FileAttributes: 0x20
1b70.17e0: Size: 0x1a00
1b70.17e0: NT Headers: 0xc0
1b70.17e0: Timestamp: 0x4a5bdeab
1b70.17e0: Machine: 0x8664 - amd64
1b70.17e0: Timestamp: 0x4a5bdeab
1b70.17e0: Image Version: 6.1
1b70.17e0: SizeOfImage: 0x50000 (327680)
1b70.17e0: Resource Dir: 0x30000 LB 0x3f0
1b70.17e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1b70.17e0: [Raw version resource data: 0x30060 LB 0x390, codepage 0x0 (reserved 0x0)]
1b70.17e0: ProductName: Microsoft® Windows® Operating System
1b70.17e0: ProductVersion: 6.1.7600.16385
1b70.17e0: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
1b70.17e0: FileDescription: ApiSet Schema DLL
1b70.17e0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
f40.660: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 5033 ms.
1b70.17e0: supR3HardenedWinFindAdversaries: 0x400
1b70.17e0: \SystemRoot\System32\drivers\MpFilter.sys:
1b70.17e0: CreationTime: 2014-07-17T20:05:06.000000000Z
1b70.17e0: LastWriteTime: 2014-07-17T20:05:06.000000000Z
1b70.17e0: ChangeTime: 2014-12-18T22:55:15.829731100Z
1b70.17e0: FileAttributes: 0x20
1b70.17e0: Size: 0x41ad0
1b70.17e0: NT Headers: 0xf0
1b70.17e0: Timestamp: 0x53bdfdba
1b70.17e0: Machine: 0x8664 - amd64
1b70.17e0: Timestamp: 0x53bdfdba
1b70.17e0: Image Version: 6.3
1b70.17e0: SizeOfImage: 0x42000 (270336)
1b70.17e0: Resource Dir: 0x40000 LB 0xd50
1b70.17e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1b70.17e0: [Raw version resource data: 0x40110 LB 0x37c, codepage 0x0 (reserved 0x0)]
1b70.17e0: ProductName: Microsoft Malware Protection
1b70.17e0: ProductVersion: 4.6.0300.0
1b70.17e0: FileVersion: 4.6.0300.0
1b70.17e0: FileDescription: Microsoft antimalware file system filter driver
1b70.17e0: \SystemRoot\System32\drivers\NisDrvWFP.sys:
1b70.17e0: CreationTime: 2014-07-17T20:05:06.000000000Z
1b70.17e0: LastWriteTime: 2014-07-17T20:05:06.000000000Z
1b70.17e0: ChangeTime: 2014-12-18T22:55:14.841674500Z
1b70.17e0: FileAttributes: 0x20
1b70.17e0: Size: 0x1ea90
1b70.17e0: NT Headers: 0xe0
1b70.17e0: Timestamp: 0x53bdfde3
1b70.17e0: Machine: 0x8664 - amd64
1b70.17e0: Timestamp: 0x53bdfde3
1b70.17e0: Image Version: 6.3
1b70.17e0: SizeOfImage: 0x1f000 (126976)
1b70.17e0: Resource Dir: 0x1c000 LB 0x1b90
1b70.17e0: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
1b70.17e0: [Raw version resource data: 0x1d728 LB 0x380, codepage 0x0 (reserved 0x0)]
1b70.17e0: ProductName: Microsoft Malware Protection
1b70.17e0: ProductVersion: 4.6.0300.0
1b70.17e0: FileVersion: 4.6.0300.0
1b70.17e0: FileDescription: Microsoft Network Realtime Inspection Driver
1b70.17e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1b70.17e0: Calling main()
1b70.17e0: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
1b70.17e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1b70.17e0: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
1b70.17e0: SUPR3HardenedMain: Final process, opening VBoxDrv...
1b70.17e0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000340000 LB 0x400000)
1b70.17e0: supR3HardNtEnableThreadCreation:
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefb1c0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb1c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb1c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb1c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefd460000 LB 0x00039000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007feff590000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefd610000 LB 0x00166000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefd450000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefe510000 LB 0x0012e000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd460000 'C:\Windows\system32\Wintrust.dll'
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefcd90000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd90000 'C:\Windows\system32\bcrypt.dll'
1b70.17e0: bcrypt.dll loaded at 000007fefcd90000, BCryptOpenAlgorithmProvider at 000007fefcd92640, preloading providers:
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefc830000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefd7a0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007feff570000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc830000 'C:\Windows\system32\bcryptprimitives.dll'
1b70.17e0: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000008e3590)
1b70.17e0: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000008e6450)
1b70.17e0: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000008e6570)
1b70.17e0: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000008e6780)
1b70.17e0: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000008e68a0)
1b70.17e0: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000008e69c0)
1b70.17e0: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000008e6c00)
1b70.17e0: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000008e6d20)
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefcc40000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc40000 'C:\Windows\system32\CRYPTSP.dll'
1b70.17e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1b70.17e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1b70.17e0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefc940000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc940000 'C:\Windows\system32\rsaenh.dll'
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd7a0000 'C:\Windows\system32\ADVAPI32.dll'
1b70.17e0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
1b70.17e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1b70.17e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b4fb0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32 [calling]
1b70.17e0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1b70.17e0: supR3HardenedDllNotificationCallback: load 000007fefd2a0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
1b70.17e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Un