VirtualBox

Ticket #13187: VBoxStartup.15.log

File VBoxStartup.15.log, 140.4 KB (added by nudidudi, 10 years ago)
Line 
1d84.9a8: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2d84.9a8: \SystemRoot\System32\ntdll.dll:
3d84.9a8: CreationTime: 2014-08-04T05:28:55.169771700Z
4d84.9a8: LastWriteTime: 2013-08-29T02:16:35.515578900Z
5d84.9a8: ChangeTime: 2014-08-05T19:50:15.609179500Z
6d84.9a8: FileAttributes: 0x20
7d84.9a8: Size: 0x1a6dc0
8d84.9a8: NT Headers: 0xe0
9d84.9a8: Timestamp: 0x521eaf24
10d84.9a8: Machine: 0x8664 - amd64
11d84.9a8: Timestamp: 0x521eaf24
12d84.9a8: Image Version: 6.1
13d84.9a8: SizeOfImage: 0x1a9000 (1740800)
14d84.9a8: Resource Dir: 0x151000 LB 0x560d8
15d84.9a8: ProductName: Microsoft® Windows® Operating System
16d84.9a8: ProductVersion: 6.1.7601.18247
17d84.9a8: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
18d84.9a8: FileDescription: NT Layer DLL
19d84.9a8: \SystemRoot\System32\kernel32.dll:
20d84.9a8: CreationTime: 2014-08-04T05:27:33.160427700Z
21d84.9a8: LastWriteTime: 2014-03-04T09:44:00.336000000Z
22d84.9a8: ChangeTime: 2014-08-04T05:41:41.802956800Z
23d84.9a8: FileAttributes: 0x20
24d84.9a8: Size: 0x11c000
25d84.9a8: NT Headers: 0xe8
26d84.9a8: Timestamp: 0x5315a059
27d84.9a8: Machine: 0x8664 - amd64
28d84.9a8: Timestamp: 0x5315a059
29d84.9a8: Image Version: 6.1
30d84.9a8: SizeOfImage: 0x11f000 (1175552)
31d84.9a8: Resource Dir: 0x116000 LB 0x528
32d84.9a8: ProductName: Microsoft® Windows® Operating System
33d84.9a8: ProductVersion: 6.1.7601.18409
34d84.9a8: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
35d84.9a8: FileDescription: Windows NT BASE API Client DLL
36d84.9a8: \SystemRoot\System32\KernelBase.dll:
37d84.9a8: CreationTime: 2014-08-04T05:30:00.377886300Z
38d84.9a8: LastWriteTime: 2014-03-04T09:44:00.336000000Z
39d84.9a8: ChangeTime: 2014-08-05T19:50:21.646390100Z
40d84.9a8: FileAttributes: 0x20
41d84.9a8: Size: 0x67c00
42d84.9a8: NT Headers: 0xe8
43d84.9a8: Timestamp: 0x5315a05a
44d84.9a8: Machine: 0x8664 - amd64
45d84.9a8: Timestamp: 0x5315a05a
46d84.9a8: Image Version: 6.1
47d84.9a8: SizeOfImage: 0x6c000 (442368)
48d84.9a8: Resource Dir: 0x6a000 LB 0x530
49d84.9a8: ProductName: Microsoft® Windows® Operating System
50d84.9a8: ProductVersion: 6.1.7601.18409
51d84.9a8: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
52d84.9a8: FileDescription: Windows NT BASE API Client DLL
53d84.9a8: \SystemRoot\System32\apisetschema.dll:
54d84.9a8: CreationTime: 2014-08-04T05:29:59.363884500Z
55d84.9a8: LastWriteTime: 2013-08-02T02:12:20.275000000Z
56d84.9a8: ChangeTime: 2014-08-05T19:50:21.427989700Z
57d84.9a8: FileAttributes: 0x20
58d84.9a8: Size: 0x1a00
59d84.9a8: NT Headers: 0xc0
60d84.9a8: Timestamp: 0x51fb15ca
61d84.9a8: Machine: 0x8664 - amd64
62d84.9a8: Timestamp: 0x51fb15ca
63d84.9a8: Image Version: 6.1
64d84.9a8: SizeOfImage: 0x50000 (327680)
65d84.9a8: Resource Dir: 0x30000 LB 0x3f8
66d84.9a8: ProductName: Microsoft® Windows® Operating System
67d84.9a8: ProductVersion: 6.1.7601.18229
68d84.9a8: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
69d84.9a8: FileDescription: ApiSet Schema DLL
70d84.9a8: supR3HardenedWinFindAdversaries: 0x0
71d84.9a8: Calling main()
72d84.9a8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
73d84.9a8: SUPR3HardenedMain: Respawn #1
74d84.9a8: System32: \Device\HarddiskVolume4\Windows\System32
75d84.9a8: WinSxS: \Device\HarddiskVolume4\Windows\winsxs
76d84.9a8: KnownDllPath: C:\Windows\system32
77d84.9a8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
78d84.9a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
79d84.9a8: supR3HardNtEnableThreadCreation:
80d84.9a8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007735c340 pvNtTerminateThread=00000000773817e0
81d84.9a8: supR3HardenedWinDoReSpawn(1): New child 1094.1484 [kernel32].
82d84.9a8: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdc000 cbPeb=0x380
83d84.9a8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077330000 uNtDllChildAddr=0000000077330000
84d84.9a8: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007735c340
85d84.9a8: supR3HardenedWinSetupChildInit: Start child.
86d84.9a8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
87d84.9a8: supR3HardNtChildPurify: Startup delay kludge #1/0: 263 ms, 31 sleeps
88d84.9a8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
89d84.9a8: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
90d84.9a8: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
91d84.9a8: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
92d84.9a8: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
93d84.9a8: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
94d84.9a8: 0000000000041000-fffffffffff51fff 0x0001/0x0000 0x0000000
95d84.9a8: *0000000000130000-0000000000033fff 0x0000/0x0004 0x0020000
96d84.9a8: 000000000022c000-0000000000228fff 0x0104/0x0004 0x0020000
97d84.9a8: 000000000022f000-000000000022dfff 0x0004/0x0004 0x0020000
98d84.9a8: 0000000000230000-ffffffff8912ffff 0x0001/0x0000 0x0000000
99d84.9a8: *0000000077330000-000000007732efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
100d84.9a8: 0000000077331000-000000007722efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
101d84.9a8: 0000000077433000-0000000077403fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
102d84.9a8: 0000000077462000-0000000077459fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
103d84.9a8: 000000007746a000-0000000077468fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
104d84.9a8: 000000007746b000-0000000077467fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
105d84.9a8: 000000007746e000-0000000077402fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
106d84.9a8: 00000000774d9000-000000006f9d1fff 0x0001/0x0000 0x0000000
107d84.9a8: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
108d84.9a8: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
109d84.9a8: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
110d84.9a8: 000000007fff0000-ffffffffc0cbffff 0x0001/0x0000 0x0000000
111d84.9a8: *000000013f320000-000000013f31efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
112d84.9a8: 000000013f321000-000000013f29cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
113d84.9a8: 000000013f3a5000-000000013f3a3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
114d84.9a8: 000000013f3a6000-000000013f368fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
115d84.9a8: 000000013f3e3000-000000013f3e1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
116d84.9a8: 000000013f3e4000-000000013f3e2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
117d84.9a8: 000000013f3e5000-000000013f3e2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
118d84.9a8: 000000013f3e7000-000000013f3e5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
119d84.9a8: 000000013f3e8000-000000013f3e6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
120d84.9a8: 000000013f3e9000-000000013f3e4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
121d84.9a8: 000000013f3ed000-000000013f3b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
122d84.9a8: 000000013f426000-fffff8037f1fbfff 0x0001/0x0000 0x0000000
123d84.9a8: *000007feff650000-000007feff64efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apisetschema.dll
124d84.9a8: 000007feff651000-000007fdfecf1fff 0x0001/0x0000 0x0000000
125d84.9a8: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
126d84.9a8: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
127d84.9a8: *000007fffffdc000-000007fffffdafff 0x0004/0x0004 0x0020000
128d84.9a8: 000007fffffdd000-000007fffffdbfff 0x0001/0x0000 0x0000000
129d84.9a8: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
130d84.9a8: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
131d84.9a8: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
132d84.9a8: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
133d84.9a8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
134d84.9a8: '\Device\HarddiskVolume4\Windows\System32\apisetschema.dll' has no imports
135d84.9a8: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
136d84.9a8: supR3HardNtChildPurify: Done after 319 ms and 0 fixes (loop #0).
137d84.9a8: supR3HardNtEnableThreadCreation:
1381094.1484: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
1391094.1484: supR3HardenedVmProcessInit: uNtDllAddr=0000000077330000
1401094.1484: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
1411094.1484: New simple heap: #1 0000000000330000 LB 0x400000 (for 1740800 allocation)
1421094.1484: System32: \Device\HarddiskVolume4\Windows\System32
1431094.1484: WinSxS: \Device\HarddiskVolume4\Windows\winsxs
1441094.1484: KnownDllPath: C:\Windows\system32
1451094.1484: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1461094.1484: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1471094.1484: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1481094.1484: Registered Dll notification callback with NTDLL.
1491094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
1501094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
1511094.1484: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1521094.1484: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1531094.1484: supR3HardenedDllNotificationCallback: load 0000000077210000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1541094.1484: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1551094.1484: supR3HardenedDllNotificationCallback: load 000007fefd110000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1561094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
1571094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
1581094.1484: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077210000 'C:\Windows\system32\kernel32.dll'
1591094.1484: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007735c340 pvNtTerminateThread=00000000773817e0
1601094.1484: \SystemRoot\System32\ntdll.dll:
161d84.9a8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 32 ms.
1621094.1484: CreationTime: 2014-08-04T05:28:55.169771700Z
1631094.1484: LastWriteTime: 2013-08-29T02:16:35.515578900Z
1641094.1484: ChangeTime: 2014-08-05T19:50:15.609179500Z
1651094.1484: FileAttributes: 0x20
1661094.1484: Size: 0x1a6dc0
1671094.1484: NT Headers: 0xe0
1681094.1484: Timestamp: 0x521eaf24
1691094.1484: Machine: 0x8664 - amd64
1701094.1484: Timestamp: 0x521eaf24
1711094.1484: Image Version: 6.1
1721094.1484: SizeOfImage: 0x1a9000 (1740800)
1731094.1484: Resource Dir: 0x151000 LB 0x560d8
1741094.1484: ProductName: Microsoft® Windows® Operating System
1751094.1484: ProductVersion: 6.1.7601.18247
1761094.1484: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
1771094.1484: FileDescription: NT Layer DLL
1781094.1484: \SystemRoot\System32\kernel32.dll:
1791094.1484: CreationTime: 2014-08-04T05:27:33.160427700Z
1801094.1484: LastWriteTime: 2014-03-04T09:44:00.336000000Z
1811094.1484: ChangeTime: 2014-08-04T05:41:41.802956800Z
1821094.1484: FileAttributes: 0x20
1831094.1484: Size: 0x11c000
1841094.1484: NT Headers: 0xe8
1851094.1484: Timestamp: 0x5315a059
1861094.1484: Machine: 0x8664 - amd64
1871094.1484: Timestamp: 0x5315a059
1881094.1484: Image Version: 6.1
1891094.1484: SizeOfImage: 0x11f000 (1175552)
1901094.1484: Resource Dir: 0x116000 LB 0x528
1911094.1484: ProductName: Microsoft® Windows® Operating System
1921094.1484: ProductVersion: 6.1.7601.18409
1931094.1484: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
1941094.1484: FileDescription: Windows NT BASE API Client DLL
1951094.1484: \SystemRoot\System32\KernelBase.dll:
1961094.1484: CreationTime: 2014-08-04T05:30:00.377886300Z
1971094.1484: LastWriteTime: 2014-03-04T09:44:00.336000000Z
1981094.1484: ChangeTime: 2014-08-05T19:50:21.646390100Z
1991094.1484: FileAttributes: 0x20
2001094.1484: Size: 0x67c00
2011094.1484: NT Headers: 0xe8
2021094.1484: Timestamp: 0x5315a05a
2031094.1484: Machine: 0x8664 - amd64
2041094.1484: Timestamp: 0x5315a05a
2051094.1484: Image Version: 6.1
2061094.1484: SizeOfImage: 0x6c000 (442368)
2071094.1484: Resource Dir: 0x6a000 LB 0x530
2081094.1484: ProductName: Microsoft® Windows® Operating System
2091094.1484: ProductVersion: 6.1.7601.18409
2101094.1484: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
2111094.1484: FileDescription: Windows NT BASE API Client DLL
2121094.1484: \SystemRoot\System32\apisetschema.dll:
2131094.1484: CreationTime: 2014-08-04T05:29:59.363884500Z
2141094.1484: LastWriteTime: 2013-08-02T02:12:20.275000000Z
2151094.1484: ChangeTime: 2014-08-05T19:50:21.427989700Z
2161094.1484: FileAttributes: 0x20
2171094.1484: Size: 0x1a00
2181094.1484: NT Headers: 0xc0
2191094.1484: Timestamp: 0x51fb15ca
2201094.1484: Machine: 0x8664 - amd64
2211094.1484: Timestamp: 0x51fb15ca
2221094.1484: Image Version: 6.1
2231094.1484: SizeOfImage: 0x50000 (327680)
2241094.1484: Resource Dir: 0x30000 LB 0x3f8
2251094.1484: ProductName: Microsoft® Windows® Operating System
2261094.1484: ProductVersion: 6.1.7601.18229
2271094.1484: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
2281094.1484: FileDescription: ApiSet Schema DLL
2291094.1484: supR3HardenedWinFindAdversaries: 0x0
2301094.1484: Calling main()
2311094.1484: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2321094.1484: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2331094.1484: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2341094.1484: SUPR3HardenedMain: Respawn #2
2351094.1484: supR3HardNtEnableThreadCreation:
2361094.1484: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2371094.1484: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2381094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
2391094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2401094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2411094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2421094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
2431094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
2441094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2451094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2461094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
2471094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
2481094.1484: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000:<flags> [calling]
2491094.1484: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
2501094.1484: supR3HardenedDllNotificationCallback: load 000007fefdf20000 LB 0x000db000 C:\Windows\system32\ADVAPI32.DLL [fFlags=0x0]
2511094.1484: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
2521094.1484: supR3HardenedDllNotificationCallback: load 000007fefde80000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
2531094.1484: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
2541094.1484: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
2551094.1484: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
2561094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
2571094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
2581094.1484: supR3HardenedDllNotificationCallback: load 000007fefd720000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
2591094.1484: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
2601094.1484: supR3HardenedDllNotificationCallback: load 000007fefd5f0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
2611094.1484: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
2621094.1484: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf20000 'C:\Windows\system32\ADVAPI32.DLL'
2631094.1484: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\apphelp.dll)
2641094.1484: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\apphelp.dll
2651094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2661094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2671094.1484: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
2681094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2691094.1484: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2701094.1484: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
2711094.1484: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2721094.1484: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2731094.1484: supR3HardenedDllNotificationCallback: load 000007fefcf30000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2741094.1484: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2751094.1484: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf30000 'C:\Windows\system32\apphelp.dll'
2761094.1484: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007735c340 pvNtTerminateThread=00000000773817e0
2771094.1484: supR3HardenedWinDoReSpawn(2): New child 12d0.1754 [kernel32].
2781094.1484: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380
2791094.1484: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077330000 uNtDllChildAddr=0000000077330000
2801094.1484: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007735c340
2811094.1484: supR3HardenedWinSetupChildInit: Start child.
2821094.1484: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2831094.1484: supR3HardNtChildPurify: Startup delay kludge #1/0: 262 ms, 27 sleeps
2841094.1484: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2851094.1484: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2861094.1484: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2871094.1484: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
2881094.1484: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
2891094.1484: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
2901094.1484: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
2911094.1484: *0000000000050000-fffffffffff53fff 0x0000/0x0004 0x0020000
2921094.1484: 000000000014c000-0000000000148fff 0x0104/0x0004 0x0020000
2931094.1484: 000000000014f000-000000000014dfff 0x0004/0x0004 0x0020000
2941094.1484: 0000000000150000-ffffffff88f6ffff 0x0001/0x0000 0x0000000
2951094.1484: *0000000077330000-000000007732efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2961094.1484: 0000000077331000-000000007722efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2971094.1484: 0000000077433000-0000000077403fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2981094.1484: 0000000077462000-0000000077459fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2991094.1484: 000000007746a000-0000000077468fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3001094.1484: 000000007746b000-0000000077467fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3011094.1484: 000000007746e000-0000000077402fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3021094.1484: 00000000774d9000-000000006f9d1fff 0x0001/0x0000 0x0000000
3031094.1484: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
3041094.1484: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
3051094.1484: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
3061094.1484: 000000007fff0000-ffffffffc0cbffff 0x0001/0x0000 0x0000000
3071094.1484: *000000013f320000-000000013f31efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3081094.1484: 000000013f321000-000000013f29cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3091094.1484: 000000013f3a5000-000000013f3a3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3101094.1484: 000000013f3a6000-000000013f368fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3111094.1484: 000000013f3e3000-000000013f3e1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3121094.1484: 000000013f3e4000-000000013f3e2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3131094.1484: 000000013f3e5000-000000013f3e2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3141094.1484: 000000013f3e7000-000000013f3e5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3151094.1484: 000000013f3e8000-000000013f3e6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3161094.1484: 000000013f3e9000-000000013f3e4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3171094.1484: 000000013f3ed000-000000013f3b3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3181094.1484: 000000013f426000-fffff8037f1fbfff 0x0001/0x0000 0x0000000
3191094.1484: *000007feff650000-000007feff64efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apisetschema.dll
3201094.1484: 000007feff651000-000007fdfecf1fff 0x0001/0x0000 0x0000000
3211094.1484: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
3221094.1484: 000007fffffd3000-000007fffffcffff 0x0001/0x0000 0x0000000
3231094.1484: *000007fffffd6000-000007fffffd4fff 0x0004/0x0004 0x0020000
3241094.1484: 000007fffffd7000-000007fffffcffff 0x0001/0x0000 0x0000000
3251094.1484: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
3261094.1484: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
3271094.1484: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
3281094.1484: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
3291094.1484: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3301094.1484: '\Device\HarddiskVolume4\Windows\System32\apisetschema.dll' has no imports
3311094.1484: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
3321094.1484: supR3HardNtChildPurify: Done after 324 ms and 0 fixes (loop #0).
33312d0.1754: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
33412d0.1754: supR3HardenedVmProcessInit: uNtDllAddr=0000000077330000
3351094.1484: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000330000 LB 0x400000)
33612d0.1754: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
3371094.1484: supR3HardNtEnableThreadCreation:
33812d0.1754: New simple heap: #1 0000000000250000 LB 0x400000 (for 1740800 allocation)
33912d0.1754: System32: \Device\HarddiskVolume4\Windows\System32
34012d0.1754: WinSxS: \Device\HarddiskVolume4\Windows\winsxs
34112d0.1754: KnownDllPath: C:\Windows\system32
34212d0.1754: supR3HardenedVmProcessInit: Opening vboxdrv...
34312d0.1754: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
34412d0.1754: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
34512d0.1754: Registered Dll notification callback with NTDLL.
34612d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
34712d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
34812d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
34912d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
35012d0.1754: supR3HardenedDllNotificationCallback: load 0000000077210000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
35112d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
35212d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd110000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
35312d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
35412d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
35512d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077210000 'C:\Windows\system32\kernel32.dll'
35612d0.1754: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007735c340 pvNtTerminateThread=00000000773817e0
3571094.1484: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 47 ms.
35812d0.1754: \SystemRoot\System32\ntdll.dll:
35912d0.1754: CreationTime: 2014-08-04T05:28:55.169771700Z
36012d0.1754: LastWriteTime: 2013-08-29T02:16:35.515578900Z
36112d0.1754: ChangeTime: 2014-08-05T19:50:15.609179500Z
36212d0.1754: FileAttributes: 0x20
36312d0.1754: Size: 0x1a6dc0
36412d0.1754: NT Headers: 0xe0
36512d0.1754: Timestamp: 0x521eaf24
36612d0.1754: Machine: 0x8664 - amd64
36712d0.1754: Timestamp: 0x521eaf24
36812d0.1754: Image Version: 6.1
36912d0.1754: SizeOfImage: 0x1a9000 (1740800)
37012d0.1754: Resource Dir: 0x151000 LB 0x560d8
37112d0.1754: ProductName: Microsoft® Windows® Operating System
37212d0.1754: ProductVersion: 6.1.7601.18247
37312d0.1754: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
37412d0.1754: FileDescription: NT Layer DLL
37512d0.1754: \SystemRoot\System32\kernel32.dll:
37612d0.1754: CreationTime: 2014-08-04T05:27:33.160427700Z
37712d0.1754: LastWriteTime: 2014-03-04T09:44:00.336000000Z
37812d0.1754: ChangeTime: 2014-08-04T05:41:41.802956800Z
37912d0.1754: FileAttributes: 0x20
38012d0.1754: Size: 0x11c000
38112d0.1754: NT Headers: 0xe8
38212d0.1754: Timestamp: 0x5315a059
38312d0.1754: Machine: 0x8664 - amd64
38412d0.1754: Timestamp: 0x5315a059
38512d0.1754: Image Version: 6.1
38612d0.1754: SizeOfImage: 0x11f000 (1175552)
38712d0.1754: Resource Dir: 0x116000 LB 0x528
38812d0.1754: ProductName: Microsoft® Windows® Operating System
38912d0.1754: ProductVersion: 6.1.7601.18409
39012d0.1754: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
39112d0.1754: FileDescription: Windows NT BASE API Client DLL
39212d0.1754: \SystemRoot\System32\KernelBase.dll:
39312d0.1754: CreationTime: 2014-08-04T05:30:00.377886300Z
39412d0.1754: LastWriteTime: 2014-03-04T09:44:00.336000000Z
39512d0.1754: ChangeTime: 2014-08-05T19:50:21.646390100Z
39612d0.1754: FileAttributes: 0x20
39712d0.1754: Size: 0x67c00
39812d0.1754: NT Headers: 0xe8
39912d0.1754: Timestamp: 0x5315a05a
40012d0.1754: Machine: 0x8664 - amd64
40112d0.1754: Timestamp: 0x5315a05a
40212d0.1754: Image Version: 6.1
40312d0.1754: SizeOfImage: 0x6c000 (442368)
40412d0.1754: Resource Dir: 0x6a000 LB 0x530
40512d0.1754: ProductName: Microsoft® Windows® Operating System
40612d0.1754: ProductVersion: 6.1.7601.18409
40712d0.1754: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
40812d0.1754: FileDescription: Windows NT BASE API Client DLL
40912d0.1754: \SystemRoot\System32\apisetschema.dll:
41012d0.1754: CreationTime: 2014-08-04T05:29:59.363884500Z
41112d0.1754: LastWriteTime: 2013-08-02T02:12:20.275000000Z
41212d0.1754: ChangeTime: 2014-08-05T19:50:21.427989700Z
41312d0.1754: FileAttributes: 0x20
41412d0.1754: Size: 0x1a00
41512d0.1754: NT Headers: 0xc0
41612d0.1754: Timestamp: 0x51fb15ca
41712d0.1754: Machine: 0x8664 - amd64
41812d0.1754: Timestamp: 0x51fb15ca
41912d0.1754: Image Version: 6.1
42012d0.1754: SizeOfImage: 0x50000 (327680)
42112d0.1754: Resource Dir: 0x30000 LB 0x3f8
42212d0.1754: ProductName: Microsoft® Windows® Operating System
42312d0.1754: ProductVersion: 6.1.7601.18229
42412d0.1754: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
42512d0.1754: FileDescription: ApiSet Schema DLL
42612d0.1754: supR3HardenedWinFindAdversaries: 0x0
42712d0.1754: Calling main()
42812d0.1754: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
42912d0.1754: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
43012d0.1754: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
43112d0.1754: SUPR3HardenedMain: Final process, opening VBoxDrv...
43212d0.1754: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000250000 LB 0x400000)
43312d0.1754: supR3HardNtEnableThreadCreation:
43412d0.1754: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
43512d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
43612d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4290:C:\Windows\system32 [calling]
43712d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
43812d0.1754: supR3HardenedDllNotificationCallback: load 000007fef6710000 LB 0x00004000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
43912d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44112d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
44212d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6710000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
44312d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44412d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
44512d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6710000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
44612d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6710000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
44712d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
44812d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
44912d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
45012d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
45112d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
45212d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
45312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
45412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
45512d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
45612d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
45712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
45812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
45912d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
46012d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
46112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
46212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
46312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
46412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
46512d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
46612d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
46712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
46812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
46912d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
47012d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
47112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
47212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
47312d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
47412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
47512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
47612d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
47712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4290:C:\Windows\system32 [calling]
47812d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
47912d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd1f0000 LB 0x0003a000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
48012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
48112d0.1754: supR3HardenedDllNotificationCallback: load 000007fefde80000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
48212d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
48312d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd240000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
48412d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
48512d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd100000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
48612d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
48712d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd5f0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
48812d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
48912d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1f0000 'C:\Windows\system32\Wintrust.dll'
49012d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
49112d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
49212d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
49312d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
49412d0.1754: supR3HardenedDllNotificationCallback: load 000007fefc930000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
49512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
49612d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc930000 'C:\Windows\system32\CRYPTSP.dll'
49712d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
49812d0.1754: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
49912d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
50012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
50112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
50212d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
50312d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
50412d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
50512d0.1754: supR3HardenedDllNotificationCallback: load 000007fefc630000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
50612d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
50712d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc630000 'C:\Windows\system32\rsaenh.dll'
50812d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
50912d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
51012d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
51112d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
51212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
51312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
51412d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
51512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
51612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
51712d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
51812d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
51912d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
52012d0.1754: supR3HardenedDllNotificationCallback: load 000007fefdf20000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
52112d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
52212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
52312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
52412d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
52512d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
52612d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd720000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
52712d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
52812d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf20000 'C:\Windows\system32\ADVAPI32.dll'
52912d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
53012d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
53112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
53212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
53312d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
53412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
53512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
53612d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
53712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
53812d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
53912d0.1754: supR3HardenedDllNotificationCallback: load 000007fefcf90000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
54012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
54112d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf90000 'C:\Windows\system32\CRYPTBASE.dll'
54212d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
54312d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
54412d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077210000 'C:\Windows\system32\kernel32.dll'
54512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
54612d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
54712d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1f0000 'C:\Windows\system32\WINTRUST.DLL'
54812d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
54912d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
55012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd240000 'C:\Windows\system32\CRYPT32.dll'
55112d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
55212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
55312d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
55412d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
55512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
55612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
55712d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
55812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
55912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
56012d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
56112d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
56212d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
56312d0.1754: supR3HardenedDllNotificationCallback: load 000007feff360000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
56412d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
56512d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff360000 'C:\Windows\system32\imagehlp.dll'
56612d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
56712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
56812d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc930000 'C:\Windows\system32\CRYPTSP.dll'
56912d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
57012d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
57112d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
57212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
57312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
57412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
57512d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
57612d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
57712d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
57812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
57912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume4\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
58012d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
58112d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
58212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
58312d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\lpk.dll)
58412d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\lpk.dll
58512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
58612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
58712d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
58812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
58912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume4\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
59012d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
59112d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
59212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
59312d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\usp10.dll)
59412d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\usp10.dll
59512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
59612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
59712d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
59812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
59912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
60012d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
60112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
60212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
60312d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
60412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
60512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
60612d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
60712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
60812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
60912d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
61012d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
61112d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
61212d0.1754: supR3HardenedDllNotificationCallback: load 0000000077110000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
61312d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
61412d0.1754: supR3HardenedDllNotificationCallback: load 000007fefdc80000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
61512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
61612d0.1754: supR3HardenedDllNotificationCallback: load 000007feff630000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
61712d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\lpk.dll [lacks WinVerifyTrust]
61812d0.1754: supR3HardenedDllNotificationCallback: load 000007feff450000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
61912d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\usp10.dll [lacks WinVerifyTrust]
62012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
62112d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
62212d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc80000 'C:\Windows\system32\gdi32.dll'
62312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
62412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
62512d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
62612d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
62712d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
62812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
62912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
63012d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
63112d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
63212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
63312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
63412d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
63512d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
63612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
63712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
63812d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
63912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
64012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
64112d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
64212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
64312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
64412d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
64512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
64612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
64712d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
64812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
64912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
65012d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
65112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
65212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
65312d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
65412d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
65512d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
65612d0.1754: supR3HardenedDllNotificationCallback: load 000007fefe010000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
65712d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
65812d0.1754: supR3HardenedDllNotificationCallback: load 000007feff520000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
65912d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [lacks WinVerifyTrust]
66012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe010000 'C:\Windows\system32\IMM32.DLL'
66112d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077110000 'C:\Windows\system32\USER32.dll'
66212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
66312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
66412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
66512d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ncrypt.dll)
66612d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ncrypt.dll
66712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
66812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
66912d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
67012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
67112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
67212d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
67312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
67412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
67512d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
67612d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
67712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
67812d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
67912d0.1754: supR3HardenedDllNotificationCallback: load 000007fefcab0000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
68012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
68112d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
68212d0.1754: supR3HardenedDllNotificationCallback: load 000007fefca80000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
68312d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
68412d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcab0000 'C:\Windows\system32\ncrypt.dll'
68512d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
68612d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
68712d0.1754: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
68812d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
68912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
69012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
69112d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
69212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
69312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
69412d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
69512d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
69612d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
69712d0.1754: supR3HardenedDllNotificationCallback: load 000007fefc570000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
69812d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
69912d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc570000 'C:\Windows\system32\bcryptprimitives.dll'
70012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
70112d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
70212d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca80000 'C:\Windows\system32\bcrypt.dll'
70312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
70412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
70512d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
70612d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\userenv.dll)
70712d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
70812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
70912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
71012d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
71112d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
71212d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
71312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
71412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
71512d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
71612d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
71712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
71812d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
71912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
72012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
72112d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
72212d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
72312d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust]
72412d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd180000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
72512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust]
72612d0.1754: supR3HardenedDllNotificationCallback: load 000007fefd0f0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
72712d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
72812d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\USERENV.dll'
72912d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
73012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
73112d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
73212d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
73312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
73412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
73512d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
73612d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
73712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
73812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
73912d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
74012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
74112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
74212d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
74312d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
74412d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
74512d0.1754: supR3HardenedDllNotificationCallback: load 000007fefc3b0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
74612d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
74712d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3b0000 'C:\Windows\system32\GPAPI.dll'
74812d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
74912d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-WIN-Service-Management-L1-1-0.dll'
75012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
75112d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
75212d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5f0000 'C:\Windows\system32\rpcrt4.dll'
75312d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
75412d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-WIN-Service-Management-L2-1-0.dll'
75512d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
75612d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
75712d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
75812d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
75912d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
76012d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
76112d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
76212d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
76312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
76412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
76512d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
76612d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\Wldap32.dll)
76712d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Wldap32.dll
76812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
76912d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
77012d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
77112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
77212d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
77312d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
77412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77512d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
77612d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
77712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
77912d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
78012d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
78112d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
78212d0.1754: supR3HardenedDllNotificationCallback: load 000007fef7ea0000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
78312d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
78412d0.1754: supR3HardenedDllNotificationCallback: load 000007fefe040000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
78512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
78612d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
78712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
78812d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
78912d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
79012d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
79112d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
79212d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
79312d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
79412d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
79512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
79612d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
79712d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
79812d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
79912d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
80012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
80112d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
80212d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
80312d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
80412d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
80512d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
80612d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
80712d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
80812d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
80912d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
81012d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
81112d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
81212d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
81312d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
81412d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
81512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
81612d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7ea0000 'C:\Windows\system32\cryptnet.dll'
81712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
81812d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
81912d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
82012d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
82112d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0f0000 'C:\Windows\system32\profapi.dll'
82212d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
82312d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
82412d0.1754: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
82512d0.1754: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
82612d0.1754: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
82712d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
82812d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
82912d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
83012d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
83112d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
83212d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
83312d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
83412d0.1754: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
83512d0.1754: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
83612d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
83712d0.1754: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
83812d0.1754: supR3HardenedDllNotificationCallback: load 000007feff380000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
83912d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
84012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff380000 'C:\Windows\system32\SHLWAPI.dll'
84112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
84212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
84312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
84412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
84512d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
84612d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
84712d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
84812d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-WIN-Service-Management-L1-1-0.dll'
84912d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
85012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
85112d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
85212d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
85312d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf20000 'C:\Windows\system32\ADVAPI32.dll'
85412d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
85512d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
85612d0.1754: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007e4a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
85712d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
85812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
85912d0.1754: g_pfnWinVerifyTrust=000007fefd1f1010
86012d0.1754: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
86112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume4\Windows\System32\crypt32.dll
86212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
86312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
86412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38
86512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
86612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
86712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
86812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38
86912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
87012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
87112d0.1754: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
87212d0.1754: Error (rc=0):
87312d0.1754: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume4\Windows\System32\crypt32.dll
87412d0.1754: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
87512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume4\Windows\System32\wintrust.dll
87612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
87712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
87812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
87912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
88012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
88112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
88212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
88312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
88412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
88512d0.1754: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
88612d0.1754: Error (rc=0):
88712d0.1754: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume4\Windows\System32\wintrust.dll
88812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume4\Windows\System32\shlwapi.dll
88912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
89012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
89112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
89212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
89312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
89412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
89512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
89612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
89712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
89812d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
89912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume4\Windows\System32\Wldap32.dll
90012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
90112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
90212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
90312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
90412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
90512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
90612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
90712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
90812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
90912d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
91012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
91112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
91212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
91312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
91412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
91512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
91612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
91712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
91812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
91912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
92012d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
92112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000025c pwszName=\Device\HarddiskVolume4\Windows\System32\gpapi.dll
92212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
92312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
92412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
92512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
92612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
92712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
92812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
92912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
93012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
93112d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
93212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume4\Windows\System32\profapi.dll
93312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
93412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
93512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
93612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
93712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
93812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
93912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
94012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
94112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
94212d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
94312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume4\Windows\System32\userenv.dll
94412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
94512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
94612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
94712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
94812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
94912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
95012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
95112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
95212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
95312d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\userenv.dll'
95412d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
95512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume4\Windows\System32\bcrypt.dll
95612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
95712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
95812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
95912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
96012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
96112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
96212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
96312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
96412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
96512d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
96612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume4\Windows\System32\ncrypt.dll
96712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
96812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
96912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
97012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
97112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
97212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
97312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
97412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
97512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
97612d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ncrypt.dll'
97712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume4\Windows\System32\msctf.dll
97812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
97912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
98012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
98112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
98212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
98312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
98412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
98512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
98612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
98712d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
98812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume4\Windows\System32\imm32.dll
98912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
99012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
99112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
99212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
99312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
99412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
99512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
99612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
99712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
99812d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
99912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume4\Windows\System32\usp10.dll
100012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
100112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
100212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
100312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
100412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
100512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
100612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
100712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
100812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
100912d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\usp10.dll'
101012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume4\Windows\System32\lpk.dll
101112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
101212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
101312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
101412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
101512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
101612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
101712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
101812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
101912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
102012d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\lpk.dll'
102112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume4\Windows\System32\gdi32.dll
102212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
102312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
102412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
102512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
102612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
102712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
102812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
102912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
103012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
103112d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
103212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume4\Windows\System32\user32.dll
103312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
103412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
103512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
103612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
103712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
103812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
103912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
104012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
104112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
104212d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
104312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume4\Windows\System32\imagehlp.dll
104412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
104512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
104612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
104712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
104812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
104912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
105012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
105112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
105212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
105312d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
105412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptbase.dll
105512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
105612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
105712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
105812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
105912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
106012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
106112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
106212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
106312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
106412d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
106512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume4\Windows\System32\sechost.dll
106612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
106712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
106812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
106912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
107012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
107112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
107212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
107312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
107412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
107512d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
107612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume4\Windows\System32\advapi32.dll
107712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
107812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
107912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
108012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
108112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
108212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
108312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
108412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
108512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
108612d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
108712d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
108812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptsp.dll
108912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
109012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
109112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
109212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
109312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
109412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
109512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
109612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
109712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
109812d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
109912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume4\Windows\System32\msvcrt.dll
110012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
110112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
110212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
110312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
110412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
110512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
110612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
110712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
110812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
110912d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
111012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume4\Windows\System32\msasn1.dll
111112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
111212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
111312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
111412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
111512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
111612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
111712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
111812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
111912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
112012d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
112112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
112212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
112312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
112412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
112512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
112612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
112712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
112812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
112912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
113012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
113112d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
113212d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
113312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume4\Windows\System32\KernelBase.dll
113412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
113512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
113612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
113712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
113812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
113912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
114012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
114112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
114212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
114312d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
114412d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume4\Windows\System32\kernel32.dll
114512d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000825a70
114612d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
114712d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
114812d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
114912d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000825a70
115012d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000825a70
115112d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
115212d0.1754: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
115312d0.1754: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
115412d0.1754: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
115512d0.1754: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
115612d0.1754: Error (rc=0):
115712d0.1754: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume4\Windows\System32\crypt32.dll
115812d0.1754: Error (rc=0):
115912d0.1754: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\crypt32.dll' (C:\Windows\system32\crypt32.dll): rcNt=0xc0000190
116012d0.1754: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\crypt32.dll'
116112d0.1754: Fatal error:
116212d0.1754: Error loading 'crypt32.dll': 1790 [C:\Windows\system32\crypt32.dll]
11631094.1484: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 569 ms, the end);
1164d84.9a8: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 999 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy