VirtualBox

Ticket #13187: VBoxStartup.4.log

File VBoxStartup.4.log, 150.8 KB (added by Marki555, 10 years ago)

unable to start VM on 4.3.16

Line 
1a3b8.9eb4: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2a3b8.9eb4: Calling main()
3a3b8.9eb4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4a3b8.9eb4: SUPR3HardenedMain: Respawn #1
5a3b8.9eb4: System32: \Device\HarddiskVolume1\Windows\System32
6a3b8.9eb4: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
7a3b8.9eb4: ProgDir: \Device\HarddiskVolume1\Program Files
8a3b8.9eb4: ComDir: \Device\HarddiskVolume1\Program Files\Common Files
9a3b8.9eb4: ProgDir32: \Device\HarddiskVolume1\Program Files (x86)
10a3b8.9eb4: ComDir32: \Device\HarddiskVolume1\Program Files (x86)\Common Files
11a3b8.9eb4: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe' has no imports
12a3b8.9eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe)
13a3b8.9eb4: supR3HardNtEnableThreadCreation:
14a3b8.9eb4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007768c340 pvNtTerminateThread=00000000776b17e0
15a3b8.9eb4: supR3HardenedWinDoReSpawn(1): New child b3b0.8278 [kernel32].
16a3b8.9eb4: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffdf000 cbPeb=0x380
17a3b8.9eb4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077660000 uNtDllChildAddr=0000000077660000
18a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=000000007768c340 uNtTerminateThread=00000000776b17e0
19a3b8.9eb4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007768c340 pvNtTerminateThread=00000000776b17e0
20a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
21a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000190000 LB 0x1a9000
22a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
23a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000077540000 LB 0x11f000
24a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
25a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefd610000 LB 0x6b000
26a3b8.9eb4: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 15 ms
27a3b8.9eb4: supR3HardNtEnableThreadCreation:
28a3b8.9eb4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
29a3b8.9eb4: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
30a3b8.9eb4: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
31a3b8.9eb4: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
32a3b8.9eb4: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
33a3b8.9eb4: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
34a3b8.9eb4: 0000000000041000-ffffffffffff1fff 0x0001/0x0000 0x0000000
35a3b8.9eb4: *0000000000090000-fffffffffff93fff 0x0000/0x0004 0x0020000
36a3b8.9eb4: 000000000018c000-0000000000188fff 0x0104/0x0004 0x0020000
37a3b8.9eb4: 000000000018f000-000000000018dfff 0x0004/0x0004 0x0020000
38a3b8.9eb4: 0000000000190000-ffffffff88cbffff 0x0001/0x0000 0x0000000
39a3b8.9eb4: *0000000077660000-000000007765efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40a3b8.9eb4: 0000000077661000-000000007755efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
41a3b8.9eb4: 0000000077763000-0000000077733fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
42a3b8.9eb4: 0000000077792000-0000000077789fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
43a3b8.9eb4: 000000007779a000-0000000077798fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
44a3b8.9eb4: 000000007779b000-0000000077797fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
45a3b8.9eb4: 000000007779e000-0000000077732fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
46a3b8.9eb4: 0000000077809000-0000000070031fff 0x0001/0x0000 0x0000000
47a3b8.9eb4: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
48a3b8.9eb4: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
49a3b8.9eb4: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
50a3b8.9eb4: 000000007fff0000-ffffffffc0c6ffff 0x0001/0x0000 0x0000000
51a3b8.9eb4: *000000013f370000-000000013f36efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
52a3b8.9eb4: 000000013f371000-000000013f2f1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
53a3b8.9eb4: 000000013f3f0000-000000013f3eefff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
54a3b8.9eb4: 000000013f3f1000-000000013f3b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
55a3b8.9eb4: 000000013f428000-000000013f41efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
56a3b8.9eb4: 000000013f431000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
57a3b8.9eb4: 000000013f46a000-fffff8037ef53fff 0x0001/0x0000 0x0000000
58a3b8.9eb4: *000007feff980000-000007feff97efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
59a3b8.9eb4: 000007feff981000-000007fdff351fff 0x0001/0x0000 0x0000000
60a3b8.9eb4: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
61a3b8.9eb4: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
62a3b8.9eb4: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
63a3b8.9eb4: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
64a3b8.9eb4: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
65a3b8.9eb4: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe' has no imports
66a3b8.9eb4: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
67a3b8.9eb4: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
68b3b0.8278: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
69b3b0.8278: Calling main()
70b3b0.8278: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
71b3b0.8278: System32: \Device\HarddiskVolume1\Windows\System32
72b3b0.8278: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
73b3b0.8278: ProgDir: \Device\HarddiskVolume1\Program Files
74b3b0.8278: ComDir: \Device\HarddiskVolume1\Program Files\Common Files
75b3b0.8278: ProgDir32: \Device\HarddiskVolume1\Program Files (x86)
76b3b0.8278: ComDir32: \Device\HarddiskVolume1\Program Files (x86)\Common Files
77b3b0.8278: supR3HardenedWinInit: Startup delay kludge #2/0: 93 ms, 10 sleeps
78b3b0.8278: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
79b3b0.8278: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
80b3b0.8278: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
81b3b0.8278: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
82b3b0.8278: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
83b3b0.8278: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
84b3b0.8278: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
85b3b0.8278: 0000000000041000-ffffffffffff1fff 0x0001/0x0000 0x0000000
86b3b0.8278: *0000000000090000-fffffffffff94fff 0x0000/0x0004 0x0020000
87b3b0.8278: 000000000018b000-0000000000188fff 0x0104/0x0004 0x0020000
88b3b0.8278: 000000000018d000-0000000000189fff 0x0004/0x0004 0x0020000
89b3b0.8278: *0000000000190000-0000000000128fff 0x0002/0x0002 0x0040000
90b3b0.8278: 00000000001f7000-000000000014dfff 0x0001/0x0000 0x0000000
91b3b0.8278: *00000000002a0000-0000000000235fff 0x0004/0x0004 0x0020000
92b3b0.8278: 000000000030a000-0000000000273fff 0x0000/0x0004 0x0020000
93b3b0.8278: *00000000003a0000-00000000001f5fff 0x0004/0x0004 0x0020000
94b3b0.8278: 000000000054a000-ffffffff89553fff 0x0001/0x0000 0x0000000
95b3b0.8278: *0000000077540000-000000007753efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
96b3b0.8278: 0000000077541000-00000000774a5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
97b3b0.8278: 00000000775dc000-000000007756dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
98b3b0.8278: 000000007764a000-0000000077647fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
99b3b0.8278: 000000007764c000-0000000077638fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
100b3b0.8278: 000000007765f000-000000007765dfff 0x0001/0x0000 0x0000000
101b3b0.8278: *0000000077660000-000000007765efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
102b3b0.8278: 0000000077661000-000000007755efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
103b3b0.8278: 0000000077763000-0000000077733fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
104b3b0.8278: 0000000077792000-0000000077790fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
105b3b0.8278: 0000000077793000-0000000077791fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
106b3b0.8278: 0000000077794000-0000000077792fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
107b3b0.8278: 0000000077795000-0000000077792fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
108b3b0.8278: 0000000077797000-0000000077795fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
109b3b0.8278: 0000000077798000-0000000077796fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
110b3b0.8278: 0000000077799000-0000000077796fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
111b3b0.8278: 000000007779b000-0000000077799fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
112b3b0.8278: 000000007779c000-0000000077799fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
113b3b0.8278: 000000007779e000-0000000077732fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
114b3b0.8278: 0000000077809000-0000000070031fff 0x0001/0x0000 0x0000000
115b3b0.8278: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
116b3b0.8278: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
117b3b0.8278: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
118b3b0.8278: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
119b3b0.8278: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
120b3b0.8278: 000000007fff0000-ffffffffc0c6ffff 0x0001/0x0000 0x0000000
121b3b0.8278: *000000013f370000-000000013f36efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
122b3b0.8278: 000000013f371000-000000013f2f1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
123b3b0.8278: 000000013f3f0000-000000013f3eefff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
124b3b0.8278: 000000013f3f1000-000000013f3b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
125b3b0.8278: 000000013f428000-000000013f41efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
126b3b0.8278: 000000013f431000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
127b3b0.8278: 000000013f46a000-fffff803812c3fff 0x0001/0x0000 0x0000000
128b3b0.8278: *000007fefd610000-000007fefd60efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
129b3b0.8278: 000007fefd611000-000007fefd5c6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
130b3b0.8278: 000007fefd65b000-000007fefd645fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
131b3b0.8278: 000007fefd670000-000007fefd66dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
132b3b0.8278: 000007fefd672000-000007fefd668fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
133b3b0.8278: 000007fefd67b000-000007fefb375fff 0x0001/0x0000 0x0000000
134b3b0.8278: *000007feff980000-000007feff97efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
135b3b0.8278: 000007feff981000-000007fdff351fff 0x0001/0x0000 0x0000000
136b3b0.8278: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
137b3b0.8278: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
138b3b0.8278: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
139b3b0.8278: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
140b3b0.8278: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
141b3b0.8278: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe' has no imports
142b3b0.8278: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
143b3b0.8278: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
144b3b0.8278: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe' has no imports
145b3b0.8278: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe)
146b3b0.8278: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
147b3b0.8278: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
148b3b0.8278: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
149b3b0.8278: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
150b3b0.8278: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
151b3b0.8278: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
152b3b0.8278: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
153b3b0.8278: 0000000000041000-ffffffffffff1fff 0x0001/0x0000 0x0000000
154b3b0.8278: *0000000000090000-fffffffffff95fff 0x0000/0x0004 0x0020000
155b3b0.8278: 000000000018a000-0000000000187fff 0x0104/0x0004 0x0020000
156b3b0.8278: 000000000018c000-0000000000187fff 0x0004/0x0004 0x0020000
157b3b0.8278: *0000000000190000-0000000000128fff 0x0002/0x0002 0x0040000
158b3b0.8278: 00000000001f7000-000000000014dfff 0x0001/0x0000 0x0000000
159b3b0.8278: *00000000002a0000-00000000001b2fff 0x0004/0x0004 0x0020000
160b3b0.8278: 000000000038d000-0000000000379fff 0x0000/0x0004 0x0020000
161b3b0.8278: *00000000003a0000-00000000001f5fff 0x0004/0x0004 0x0020000
162b3b0.8278: 000000000054a000-0000000000543fff 0x0001/0x0000 0x0000000
163b3b0.8278: *0000000000550000-0000000000453fff 0x0004/0x0004 0x0020000
164b3b0.8278: 000000000064c000-0000000000647fff 0x0000/0x0004 0x0020000
165b3b0.8278: *0000000000650000-00000000005e2fff 0x0004/0x0004 0x0020000
166b3b0.8278: 00000000006bd000-0000000000529fff 0x0000/0x0004 0x0020000
167b3b0.8278: *0000000000850000-000000000072ffff 0x0004/0x0004 0x0020000
168b3b0.8278: 0000000000970000-ffffffff89d9ffff 0x0001/0x0000 0x0000000
169b3b0.8278: *0000000077540000-000000007753efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
170b3b0.8278: 0000000077541000-00000000774a5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
171b3b0.8278: 00000000775dc000-000000007756dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
172b3b0.8278: 000000007764a000-0000000077647fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
173b3b0.8278: 000000007764c000-0000000077638fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
174b3b0.8278: 000000007765f000-000000007765dfff 0x0001/0x0000 0x0000000
175b3b0.8278: *0000000077660000-000000007765efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
176b3b0.8278: 0000000077661000-000000007755efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
177b3b0.8278: 0000000077763000-0000000077733fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
178b3b0.8278: 0000000077792000-0000000077790fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
179b3b0.8278: 0000000077793000-0000000077791fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
180b3b0.8278: 0000000077794000-0000000077792fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
181b3b0.8278: 0000000077795000-0000000077792fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
182b3b0.8278: 0000000077797000-0000000077795fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
183b3b0.8278: 0000000077798000-0000000077796fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
184b3b0.8278: 0000000077799000-0000000077796fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
185b3b0.8278: 000000007779b000-0000000077799fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
186b3b0.8278: 000000007779c000-0000000077799fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
187b3b0.8278: 000000007779e000-0000000077732fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
188b3b0.8278: 0000000077809000-0000000077801fff 0x0001/0x0000 0x0000000
189b3b0.8278: *0000000077810000-000000007780efff 0x0004/0x0004 0x0020000
190b3b0.8278: 0000000077811000-0000000070041fff 0x0001/0x0000 0x0000000
191b3b0.8278: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
192b3b0.8278: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
193b3b0.8278: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
194b3b0.8278: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
195b3b0.8278: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
196b3b0.8278: 000000007fff0000-ffffffffc0c6ffff 0x0001/0x0000 0x0000000
197b3b0.8278: *000000013f370000-000000013f36efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
198b3b0.8278: 000000013f371000-000000013f2f0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
199b3b0.8278: 000000013f3f1000-000000013f3b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
200b3b0.8278: 000000013f428000-000000013f41efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
201b3b0.8278: 000000013f431000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
202b3b0.8278: 000000013f46a000-fffff803812c3fff 0x0001/0x0000 0x0000000
203b3b0.8278: *000007fefd610000-000007fefd60efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
204b3b0.8278: 000007fefd611000-000007fefd5c6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
205b3b0.8278: 000007fefd65b000-000007fefd645fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
206b3b0.8278: 000007fefd670000-000007fefd66dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
207b3b0.8278: 000007fefd672000-000007fefd668fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
208b3b0.8278: 000007fefd67b000-000007fefb375fff 0x0001/0x0000 0x0000000
209b3b0.8278: *000007feff980000-000007feff97efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
210b3b0.8278: 000007feff981000-000007fdff351fff 0x0001/0x0000 0x0000000
211b3b0.8278: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
212b3b0.8278: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
213b3b0.8278: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
214b3b0.8278: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
215b3b0.8278: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
216b3b0.8278: SUPR3HardenedMain: Respawn #2
217b3b0.8278: supR3HardNtEnableThreadCreation:
218b3b0.8278: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
219b3b0.8278: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
220b3b0.8278: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
221b3b0.8278: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
222b3b0.8278: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd430000 'C:\Windows\system32\apphelp.dll'
223b3b0.8278: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007768c340 pvNtTerminateThread=00000000776b17e0
224b3b0.8278: supR3HardenedWinDoReSpawn(2): New child 49bc.a860 [kernel32].
225b3b0.8278: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffda000 cbPeb=0x380
226b3b0.8278: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077660000 uNtDllChildAddr=0000000077660000
227b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=000000007768c340 uNtTerminateThread=00000000776b17e0
228b3b0.8278: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007768c340 pvNtTerminateThread=00000000776b17e0
229b3b0.8278: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
230b3b0.8278: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ntdll.dll)
231b3b0.8278: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ntdll.dll
232b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
233b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000210000 LB 0x1a9000
234b3b0.8278: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
235b3b0.8278: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
236b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
237b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000077540000 LB 0x11f000
238b3b0.8278: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
239b3b0.8278: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
240b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
241b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefd610000 LB 0x6b000
242b3b0.8278: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 15 ms
243b3b0.8278: supR3HardNtEnableThreadCreation:
244b3b0.8278: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
245b3b0.8278: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
246b3b0.8278: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
247b3b0.8278: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
248b3b0.8278: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
249b3b0.8278: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
250b3b0.8278: 0000000000041000-fffffffffff71fff 0x0001/0x0000 0x0000000
251b3b0.8278: *0000000000110000-0000000000013fff 0x0000/0x0004 0x0020000
252b3b0.8278: 000000000020c000-0000000000208fff 0x0104/0x0004 0x0020000
253b3b0.8278: 000000000020f000-000000000020dfff 0x0004/0x0004 0x0020000
254b3b0.8278: 0000000000210000-ffffffff88dbffff 0x0001/0x0000 0x0000000
255b3b0.8278: *0000000077660000-000000007765efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
256b3b0.8278: 0000000077661000-000000007755efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
257b3b0.8278: 0000000077763000-0000000077733fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
258b3b0.8278: 0000000077792000-0000000077789fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
259b3b0.8278: 000000007779a000-0000000077798fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
260b3b0.8278: 000000007779b000-0000000077797fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
261b3b0.8278: 000000007779e000-0000000077732fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
262b3b0.8278: 0000000077809000-0000000070031fff 0x0001/0x0000 0x0000000
263b3b0.8278: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
264b3b0.8278: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
265b3b0.8278: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
266b3b0.8278: 000000007fff0000-ffffffffc0c6ffff 0x0001/0x0000 0x0000000
267b3b0.8278: *000000013f370000-000000013f36efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
268b3b0.8278: 000000013f371000-000000013f2f1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
269b3b0.8278: 000000013f3f0000-000000013f3eefff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
270b3b0.8278: 000000013f3f1000-000000013f3b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
271b3b0.8278: 000000013f428000-000000013f41efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
272b3b0.8278: 000000013f431000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
273b3b0.8278: 000000013f46a000-fffff8037ef53fff 0x0001/0x0000 0x0000000
274b3b0.8278: *000007feff980000-000007feff97efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
275b3b0.8278: 000007feff981000-000007fdff351fff 0x0001/0x0000 0x0000000
276b3b0.8278: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
277b3b0.8278: 000007fffffd3000-000007fffffcbfff 0x0001/0x0000 0x0000000
278b3b0.8278: *000007fffffda000-000007fffffd8fff 0x0004/0x0004 0x0020000
279b3b0.8278: 000007fffffdb000-000007fffffd7fff 0x0001/0x0000 0x0000000
280b3b0.8278: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
281b3b0.8278: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
28249bc.a860: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
28349bc.a860: Calling main()
28449bc.a860: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
28549bc.a860: System32: \Device\HarddiskVolume1\Windows\System32
28649bc.a860: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
28749bc.a860: ProgDir: \Device\HarddiskVolume1\Program Files
28849bc.a860: ComDir: \Device\HarddiskVolume1\Program Files\Common Files
28949bc.a860: ProgDir32: \Device\HarddiskVolume1\Program Files (x86)
29049bc.a860: ComDir32: \Device\HarddiskVolume1\Program Files (x86)\Common Files
29149bc.a860: supR3HardenedWinInit: Startup delay kludge #2/0: 94 ms, 11 sleeps
29249bc.a860: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
29349bc.a860: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
29449bc.a860: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
29549bc.a860: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
29649bc.a860: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
29749bc.a860: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
29849bc.a860: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
29949bc.a860: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
30049bc.a860: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
30149bc.a860: 00000000000b7000-000000000005dfff 0x0001/0x0000 0x0000000
30249bc.a860: *0000000000110000-0000000000014fff 0x0000/0x0004 0x0020000
30349bc.a860: 000000000020b000-0000000000208fff 0x0104/0x0004 0x0020000
30449bc.a860: 000000000020d000-0000000000209fff 0x0004/0x0004 0x0020000
30549bc.a860: 0000000000210000-000000000015ffff 0x0001/0x0000 0x0000000
30649bc.a860: *00000000002c0000-0000000000255fff 0x0004/0x0004 0x0020000
30749bc.a860: 000000000032a000-0000000000293fff 0x0000/0x0004 0x0020000
30849bc.a860: *00000000003c0000-0000000000215fff 0x0004/0x0004 0x0020000
30949bc.a860: 000000000056a000-ffffffff89593fff 0x0001/0x0000 0x0000000
31049bc.a860: *0000000077540000-000000007753efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31149bc.a860: 0000000077541000-00000000774a5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31249bc.a860: 00000000775dc000-000000007756dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31349bc.a860: 000000007764a000-0000000077647fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31449bc.a860: 000000007764c000-0000000077638fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
31549bc.a860: 000000007765f000-000000007765dfff 0x0001/0x0000 0x0000000
31649bc.a860: *0000000077660000-000000007765efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
31749bc.a860: 0000000077661000-000000007755efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
31849bc.a860: 0000000077763000-0000000077733fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
31949bc.a860: 0000000077792000-0000000077790fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32049bc.a860: 0000000077793000-0000000077791fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32149bc.a860: 0000000077794000-0000000077792fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32249bc.a860: 0000000077795000-0000000077792fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32349bc.a860: 0000000077797000-0000000077795fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32449bc.a860: 0000000077798000-0000000077796fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32549bc.a860: 0000000077799000-0000000077796fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32649bc.a860: 000000007779b000-0000000077799fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32749bc.a860: 000000007779c000-0000000077799fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32849bc.a860: 000000007779e000-0000000077732fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
32949bc.a860: 0000000077809000-0000000070031fff 0x0001/0x0000 0x0000000
33049bc.a860: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
33149bc.a860: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
33249bc.a860: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
33349bc.a860: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
33449bc.a860: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
33549bc.a860: 000000007fff0000-ffffffffc0c6ffff 0x0001/0x0000 0x0000000
33649bc.a860: *000000013f370000-000000013f36efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
33749bc.a860: 000000013f371000-000000013f2f1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
33849bc.a860: 000000013f3f0000-000000013f3eefff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
33949bc.a860: 000000013f3f1000-000000013f3b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
34049bc.a860: 000000013f428000-000000013f41efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
34149bc.a860: 000000013f431000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
34249bc.a860: 000000013f46a000-fffff803812c3fff 0x0001/0x0000 0x0000000
34349bc.a860: *000007fefd610000-000007fefd60efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
34449bc.a860: 000007fefd611000-000007fefd5c6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
34549bc.a860: 000007fefd65b000-000007fefd645fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
34649bc.a860: 000007fefd670000-000007fefd66dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
34749bc.a860: 000007fefd672000-000007fefd668fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
34849bc.a860: 000007fefd67b000-000007fefb375fff 0x0001/0x0000 0x0000000
34949bc.a860: *000007feff980000-000007feff97efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
35049bc.a860: 000007feff981000-000007fdff351fff 0x0001/0x0000 0x0000000
35149bc.a860: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
35249bc.a860: 000007fffffd3000-000007fffffcbfff 0x0001/0x0000 0x0000000
35349bc.a860: *000007fffffda000-000007fffffd8fff 0x0004/0x0004 0x0020000
35449bc.a860: 000007fffffdb000-000007fffffd7fff 0x0001/0x0000 0x0000000
35549bc.a860: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
35649bc.a860: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
35749bc.a860: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe' has no imports
35849bc.a860: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
35949bc.a860: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
36049bc.a860: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe' has no imports
36149bc.a860: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe)
36249bc.a860: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
36349bc.a860: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
36449bc.a860: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
36549bc.a860: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
36649bc.a860: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
36749bc.a860: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
36849bc.a860: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
36949bc.a860: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
37049bc.a860: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
37149bc.a860: 00000000000b7000-000000000005dfff 0x0001/0x0000 0x0000000
37249bc.a860: *0000000000110000-0000000000015fff 0x0000/0x0004 0x0020000
37349bc.a860: 000000000020a000-0000000000207fff 0x0104/0x0004 0x0020000
37449bc.a860: 000000000020c000-0000000000207fff 0x0004/0x0004 0x0020000
37549bc.a860: 0000000000210000-000000000015ffff 0x0001/0x0000 0x0000000
37649bc.a860: *00000000002c0000-00000000001d2fff 0x0004/0x0004 0x0020000
37749bc.a860: 00000000003ad000-0000000000399fff 0x0000/0x0004 0x0020000
37849bc.a860: *00000000003c0000-0000000000215fff 0x0004/0x0004 0x0020000
37949bc.a860: 000000000056a000-0000000000563fff 0x0001/0x0000 0x0000000
38049bc.a860: *0000000000570000-0000000000473fff 0x0004/0x0004 0x0020000
38149bc.a860: 000000000066c000-0000000000667fff 0x0000/0x0004 0x0020000
38249bc.a860: *0000000000670000-0000000000602fff 0x0004/0x0004 0x0020000
38349bc.a860: 00000000006dd000-0000000000549fff 0x0000/0x0004 0x0020000
38449bc.a860: *0000000000870000-000000000074ffff 0x0004/0x0004 0x0020000
38549bc.a860: 0000000000990000-ffffffff89ddffff 0x0001/0x0000 0x0000000
38649bc.a860: *0000000077540000-000000007753efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
38749bc.a860: 0000000077541000-00000000774a5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
38849bc.a860: 00000000775dc000-000000007756dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
38949bc.a860: 000000007764a000-0000000077647fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
39049bc.a860: 000000007764c000-0000000077638fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\kernel32.dll
39149bc.a860: 000000007765f000-000000007765dfff 0x0001/0x0000 0x0000000
39249bc.a860: *0000000077660000-000000007765efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39349bc.a860: 0000000077661000-000000007755efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39449bc.a860: 0000000077763000-0000000077733fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39549bc.a860: 0000000077792000-0000000077790fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39649bc.a860: 0000000077793000-0000000077791fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39749bc.a860: 0000000077794000-0000000077792fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39849bc.a860: 0000000077795000-0000000077792fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
39949bc.a860: 0000000077797000-0000000077795fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40049bc.a860: 0000000077798000-0000000077796fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40149bc.a860: 0000000077799000-0000000077796fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40249bc.a860: 000000007779b000-0000000077799fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40349bc.a860: 000000007779c000-0000000077799fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40449bc.a860: 000000007779e000-0000000077732fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
40549bc.a860: 0000000077809000-0000000077801fff 0x0001/0x0000 0x0000000
40649bc.a860: *0000000077810000-000000007780efff 0x0004/0x0004 0x0020000
40749bc.a860: 0000000077811000-0000000070041fff 0x0001/0x0000 0x0000000
40849bc.a860: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
40949bc.a860: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
41049bc.a860: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
41149bc.a860: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
41249bc.a860: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
41349bc.a860: 000000007fff0000-ffffffffc0c6ffff 0x0001/0x0000 0x0000000
41449bc.a860: *000000013f370000-000000013f36efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
41549bc.a860: 000000013f371000-000000013f2f0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
41649bc.a860: 000000013f3f1000-000000013f3b9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
41749bc.a860: 000000013f428000-000000013f41efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
41849bc.a860: 000000013f431000-000000013f3f7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBox.exe
41949bc.a860: 000000013f46a000-fffff803812c3fff 0x0001/0x0000 0x0000000
42049bc.a860: *000007fefd610000-000007fefd60efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
42149bc.a860: 000007fefd611000-000007fefd5c6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
42249bc.a860: 000007fefd65b000-000007fefd645fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
42349bc.a860: 000007fefd670000-000007fefd66dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
42449bc.a860: 000007fefd672000-000007fefd668fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
42549bc.a860: 000007fefd67b000-000007fefb375fff 0x0001/0x0000 0x0000000
42649bc.a860: *000007feff980000-000007feff97efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
42749bc.a860: 000007feff981000-000007fdff351fff 0x0001/0x0000 0x0000000
42849bc.a860: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
42949bc.a860: 000007fffffd3000-000007fffffcbfff 0x0001/0x0000 0x0000000
43049bc.a860: *000007fffffda000-000007fffffd8fff 0x0004/0x0004 0x0020000
43149bc.a860: 000007fffffdb000-000007fffffd7fff 0x0001/0x0000 0x0000000
43249bc.a860: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
43349bc.a860: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
43449bc.a860: SUPR3HardenedMain: Final process, opening VBoxDrv...
43549bc.a860: supR3HardNtEnableThreadCreation:
43649bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000003acf20:C:\Windows\system32
43749bc.a860: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll)
43849bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll
43949bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44049bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
44149bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaea0000 'D:\Programs\VirtualBox\VBoxSupLib.DLL'
44349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
44449bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
44549bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaea0000 'D:\Programs\VirtualBox\VBoxSupLib.DLL'
44649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaea0000 'D:\Programs\VirtualBox\VBoxSupLib.DLL'
44749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=00000000003acf20:C:\Windows\system32
44849bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
44949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
45049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
45149bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
45249bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
45349bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
45449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
45549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
45649bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
45749bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
45849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
45949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
46049bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
46149bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
46249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
46349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
46449bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
46549bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
46649bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
46749bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
46849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
46949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
47049bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
47149bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
47249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
47349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
47449bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
47549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
47649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
47749bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
47849bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
47949bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd930000 'C:\Windows\system32\Wintrust.dll'
48049bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
48149bc.a860: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
48249bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
48349bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
48449bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
48549bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce30000 'C:\Windows\system32\CRYPTSP.dll'
48649bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
48749bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
48849bc.a860: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
48949bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
49049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
49149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
49249bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
49349bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
49449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb10000 'C:\Windows\system32\rsaenh.dll'
49549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
49649bc.a860: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
49749bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
49849bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
49949bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
50049bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
50149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
50249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
50349bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
50449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
50549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
50649bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
50749bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
50849bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
50949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
51049bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
51149bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
51249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdce0000 'C:\Windows\system32\ADVAPI32.dll'
51349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
51449bc.a860: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\Windows\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
51549bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
51649bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
51749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
51849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
51949bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
52049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
52149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
52249bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
52349bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
52449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd490000 'C:\Windows\system32\CRYPTBASE.dll'
52549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
52649bc.a860: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\Windows\system32\kernel32.dll' [rcNt=0xc0150008]
52749bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
52849bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
52949bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077540000 'C:\Windows\system32\kernel32.dll'
53049bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
53149bc.a860: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
53249bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
53349bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd930000 'C:\Windows\system32\WINTRUST.DLL'
53449bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
53549bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
53649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'C:\Windows\system32\CRYPT32.dll'
53749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=imagehlp.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
53849bc.a860: supR3HardenedMonitor_LdrLoadDll: 'imagehlp.dll' -> 'C:\Windows\system32\imagehlp.dll' [rcNt=0xc0150008]
53949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
54049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
54149bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
54249bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
54349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
54449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
54549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
54649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
54749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
54849bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
54949bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
55049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe670000 'C:\Windows\system32\imagehlp.dll'
55149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
55249bc.a860: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
55349bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
55449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce30000 'C:\Windows\system32\CRYPTSP.dll'
55549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=USER32.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
55649bc.a860: supR3HardenedMonitor_LdrLoadDll: 'USER32.dll' -> 'C:\Windows\system32\USER32.dll' [rcNt=0xc0150008]
55749bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
55849bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
55949bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
56049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
56149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
56249bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
56349bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
56449bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
56549bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
56649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
56749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
56849bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
56949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
57049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
57149bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
57249bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
57349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
57449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll'
57549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
57649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
57749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
57849bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
57949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
58049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
58149bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
58249bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
58349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
58449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll'
58549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
58649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
58749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
58849bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
58949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
59049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
59149bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
59249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
59349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll'
59449bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
59549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
59649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
59749bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
59849bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
59949bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=gdi32.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
60049bc.a860: supR3HardenedMonitor_LdrLoadDll: 'gdi32.dll' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
60149bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
60249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0a0000 'C:\Windows\system32\gdi32.dll'
60349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
60449bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
60549bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
60649bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
60749bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
60849bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
60949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
61049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
61149bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
61249bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
61349bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
61449bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
61549bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
61649bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
61749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
61849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
61949bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
62049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
62149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll'
62249bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
62349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
62449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
62549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
62649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
62749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
62849bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
62949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
63049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll'
63149bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
63249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
63349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
63449bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
63549bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
63649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf50000 'C:\Windows\system32\IMM32.DLL'
63749bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077440000 'C:\Windows\system32\USER32.dll'
63849bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=ncrypt.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
63949bc.a860: supR3HardenedMonitor_LdrLoadDll: 'ncrypt.dll' -> 'C:\Windows\system32\ncrypt.dll' [rcNt=0xc0150008]
64049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
64149bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
64249bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
64349bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
64449bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
64549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
64649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
64749bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
64849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
64949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
65049bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
65149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
65249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
65349bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
65449bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
65549bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
65649bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
65749bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfb0000 'C:\Windows\system32\ncrypt.dll'
65849bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
65949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
66049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
66149bc.a860: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
66249bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
66349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
66449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
66549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
66649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
66749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
66849bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
66949bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
67049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca50000 'C:\Windows\system32\bcryptprimitives.dll'
67149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=bcrypt.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
67249bc.a860: supR3HardenedMonitor_LdrLoadDll: 'bcrypt.dll' -> 'C:\Windows\system32\bcrypt.dll' [rcNt=0xc0150008]
67349bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
67449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf80000 'C:\Windows\system32\bcrypt.dll'
67549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=USERENV.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
67649bc.a860: supR3HardenedMonitor_LdrLoadDll: 'USERENV.dll' -> 'C:\Windows\system32\USERENV.dll' [rcNt=0xc0150008]
67749bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
67849bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
67949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
68049bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
68149bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
68249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
68349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
68449bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
68549bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
68649bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
68749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
68849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
68949bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
69049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
69149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
69249bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
69349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
69449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
69549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
69649bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
69749bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
69849bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc00000 'C:\Windows\system32\USERENV.dll'
69949bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
70049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
70149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
70249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
70349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=GPAPI.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
70449bc.a860: supR3HardenedMonitor_LdrLoadDll: 'GPAPI.dll' -> 'C:\Windows\system32\GPAPI.dll' [rcNt=0xc0150008]
70549bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
70649bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
70749bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
70849bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
70949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
71049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
71149bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
71249bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
71349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
71449bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
71549bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
71649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc520000 'C:\Windows\system32\GPAPI.dll'
71749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
71849bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
71949bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=rpcrt4.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
72049bc.a860: supR3HardenedMonitor_LdrLoadDll: 'rpcrt4.dll' -> 'C:\Windows\system32\rpcrt4.dll' [rcNt=0xc0150008]
72149bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
72249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde20000 'C:\Windows\system32\rpcrt4.dll'
72349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
72449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
72549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
72649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
72749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
72849bc.a860: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
72949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
73049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
73149bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
73249bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
73349bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
73449bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
73549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
73649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll'
73749bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
73849bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
73949bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
74049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
74149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
74249bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
74349bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
74449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
74549bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
74649bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
74749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
74849bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
74949bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
75049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
75149bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
75249bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
75349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
75449bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
75549bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
75649bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
75749bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
75849bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
75949bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
76049bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
76149bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
76249bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
76349bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
76449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
76549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
76649bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
76749bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
76849bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
76949bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
77049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
77149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
77249bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
77349bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
77449bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
77549bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
77649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
77749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
77849bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
77949bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
78049bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
78149bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
78249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
78349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
78449bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
78549bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
78649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
78749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
78849bc.a860: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
78949bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
79049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c30000 'C:\Windows\system32\cryptnet.dll'
79149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
79249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
79349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=profapi.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
79449bc.a860: supR3HardenedMonitor_LdrLoadDll: 'profapi.dll' -> 'C:\Windows\system32\profapi.dll' [rcNt=0xc0150008]
79549bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
79649bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd560000 'C:\Windows\system32\profapi.dll'
79749bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=SHLWAPI.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
79849bc.a860: supR3HardenedMonitor_LdrLoadDll: 'SHLWAPI.dll' -> 'C:\Windows\system32\SHLWAPI.dll' [rcNt=0xc0150008]
79949bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
80049bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
80149bc.a860: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
80249bc.a860: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
80349bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
80449bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
80549bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
80649bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
80749bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
80849bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll'
80949bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
81049bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
81149bc.a860: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
81249bc.a860: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
81349bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
81449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff820000 'C:\Windows\system32\SHLWAPI.dll'
81549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
81649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000330cb0
81749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
81849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7A941C4A11C30FC248F9D3F7A1AE8206850480CE
81949bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
82049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
82149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
82249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
82349bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
82449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
82549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
82649bc.a860: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
82749bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
82849bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdce0000 'C:\Windows\system32\ADVAPI32.dll'
82949bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
83049bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
83149bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000321330:D:\Programs\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Mozilla Firefox;C:\Program Files\RA2HP\;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\Windows\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ACTIVIDENTITY\ACTIVCLIENT\;C:\PROGRAM FILES (X86)\ACTIVIDENTITY\ACTIVCLIENT\;;C:\PROGRAM FILES (X86)\ATTACHMATE\REFLECTION\;C:\PROGRAM FILES\OPENVPN\BIN;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES (X86)\GNUWIN32\BIN;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\eID klient\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\GPAC
83249bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1b0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
83349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2872339~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\SystemRoot\System32\ntdll.dll'
83449bc.a860: g_pfnWinVerifyTrust=000007fefd931010
83549bc.a860: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
83649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
83749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
83849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
83949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CF258E1DA85AD69891395F6F7501E1D54F2DFED8
84049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB2868626~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
84149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
84249bc.a860: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
84349bc.a860: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
84449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
84549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
84649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
84749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBD5D88D100825A4A22743B0FD6EF53BF9B657CA
84849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
84949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
85049bc.a860: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
85149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
85249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
85349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
85449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
85549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
85649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
85749bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
85849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
85949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
86049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
86149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
86249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
86349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
86449bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
86549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
86649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
86749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
86849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
86949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB2868626~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
87049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
87149bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
87249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000258 pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
87349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
87449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
87549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
87649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
87749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
87849bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
87949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
88049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
88149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
88249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
88349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\profapi.dll'
88449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
88549bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
88649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
88749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
88849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
88949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
89049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\userenv.dll'
89149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
89249bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
89349bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
89449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
89549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
89649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
89749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
89849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
89949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
90049bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
90149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
90249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
90349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
90449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0DC2D4B5A74FD43339FA2F4C2E15D9DA54948F98
90549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2785220~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
90649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
90749bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
90849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
90949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
91049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
91149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
91249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\msctf.dll'
91349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
91449bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
91549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
91649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
91749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
91849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
91949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\imm32.dll'
92049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
92149bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
92249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
92349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
92449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
92549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
92649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\usp10.dll'
92749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
92849bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
92949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
93049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
93149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
93249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
93349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\lpk.dll'
93449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
93549bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
93649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
93749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
93849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
93949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0B3AA461D69745EDE2C3FADA9D3727DE1798B436
94049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2876331~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
94149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
94249bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
94349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
94449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
94549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
94649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
94749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\user32.dll'
94849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
94949bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
95049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000160 pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
95149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
95249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
95349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
95449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
95549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
95649bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
95749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000015c pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
95849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
95949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
96049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
96149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB2922229~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
96249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
96349bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
96449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000118 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
96549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
96649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
96749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
96849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
96949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
97049bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
97149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000010c pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
97249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
97349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
97449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
97549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\sechost.dll'
97649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
97749bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
97849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000100 pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
97949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
98049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
98149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D9314D6893066D9DFB03AE97E7B3F98DCCA2BB6
98249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_95_for_KB2775511~31bf3856ad364e35~amd64~~6.1.2.1.cat'; file='\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
98349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
98449bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
98549bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
98649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000fc pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
98749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
98849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
98949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
99049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
99149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
99249bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
99349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
99449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
99549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
99649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
99749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
99849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
99949bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
100049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
100149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
100249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
100349bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
100449bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
100549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
100649bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
100749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d0 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
100849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
100949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
101049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EB2BE2307F01F34DA2384A4AD0FCACF451C25CA
101149bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2978668~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
101249bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
101349bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
101449bc.a860: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll'
101549bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=00000000006197b0:C:\Windows\system32
101649bc.a860: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
101749bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd720000 'C:\Windows\system32\crypt32.dll'
101849bc.a860: supR3HardenedWinIsDesiredRootCA: Adding 0xf25dbfcc9c0592a0 CN=
101949bc.a860: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
102049bc.a860: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
102149bc.a860: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
102249bc.a860: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=US, O=Hewlett-Packard Company, OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=Class 2 Managed PKI Individual Subscriber CA, CN=Collaboration Certification Authority G2
102349bc.a860: supR3HardenedWinIsDesiredRootCA: Adding 0xac90b80ffc294927 CN=
102449bc.a860: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
102549bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000045c pwszName=\Device\HarddiskVolume1\Windows\System32\apphelp.dll
102649bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000330cb0
102749bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000330cb0
102849bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82846C7DC170BBD7F68FE9966A8D339A60BCFF16
102949bc.a860: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume1\Windows\System32\apphelp.dll'
103049bc.a860: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
103149bc.a860: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)WinVerifyTrust
103249bc.a860: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
103349bc.a860: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll
103449bc.a860: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd430000 'C:\Windows\system32\apphelp.dll'
1035b3b0.8278: supR3HardenedWinDoReSpawn(2): Quitting: ExitCode=0xc0000005 rcNt=0x0
1036a3b8.9eb4: supR3HardenedWinDoReSpawn(1): Quitting: ExitCode=0xc0000005 rcNt=0x0

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy