| 1 | 1358.135c: Log file opened: 4.3.20r96996 g_hStartupLog=00000000000000ac g_uNtVerCombined=0x611db110
| 2 | 1358.135c: \SystemRoot\System32\ntdll.dll:
| 3 | 1358.135c: CreationTime: 2012-06-05T09:08:33.845363600Z
| 4 | 1358.135c: LastWriteTime: 2011-11-17T06:41:18.858669900Z
| 5 | 1358.135c: ChangeTime: 2012-06-27T07:23:11.852173900Z
| 6 | 1358.135c: FileAttributes: 0x20
| 7 | 1358.135c: Size: 0x1a6d50
| 8 | 1358.135c: NT Headers: 0xe0
| 9 | 1358.135c: Timestamp: 0x4ec4aa8e
| 10 | 1358.135c: Machine: 0x8664 - amd64
| 11 | 1358.135c: Timestamp: 0x4ec4aa8e
| 12 | 1358.135c: Image Version: 6.1
| 13 | 1358.135c: SizeOfImage: 0x1a9000 (1740800)
| 14 | 1358.135c: Resource Dir: 0x151000 LB 0x560d8
| 15 | 1358.135c: ProductName: Microsoft® Windows® Operating System
| 16 | 1358.135c: ProductVersion: 6.1.7601.17725
| 17 | 1358.135c: FileVersion: 6.1.7601.17725 (win7sp1_gdr.111116-1503)
| 18 | 1358.135c: FileDescription: NT Layer DLL
| 19 | 1358.135c: \SystemRoot\System32\kernel32.dll:
| 20 | 1358.135c: CreationTime: 2012-06-05T09:10:20.487150900Z
| 21 | 1358.135c: LastWriteTime: 2011-07-16T05:37:12.377000000Z
| 22 | 1358.135c: ChangeTime: 2012-06-27T07:23:11.259372900Z
| 23 | 1358.135c: FileAttributes: 0x20
| 24 | 1358.135c: Size: 0x11be00
| 25 | 1358.135c: NT Headers: 0xe8
| 26 | 1358.135c: Timestamp: 0x4e21213b
| 27 | 1358.135c: Machine: 0x8664 - amd64
| 28 | 1358.135c: Timestamp: 0x4e21213b
| 29 | 1358.135c: Image Version: 6.1
| 30 | 1358.135c: SizeOfImage: 0x11f000 (1175552)
| 31 | 1358.135c: Resource Dir: 0x116000 LB 0x528
| 32 | 1358.135c: ProductName: Microsoft® Windows® Operating System
| 33 | 1358.135c: ProductVersion: 6.1.7601.17651
| 34 | 1358.135c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504)
| 35 | 1358.135c: FileDescription: Windows NT BASE API Client DLL
| 36 | 1358.135c: \SystemRoot\System32\KernelBase.dll:
| 37 | 1358.135c: CreationTime: 2012-06-05T09:10:20.533951000Z
| 38 | 1358.135c: LastWriteTime: 2011-07-16T05:37:12.596000000Z
| 39 | 1358.135c: ChangeTime: 2012-06-27T07:23:11.274972900Z
| 40 | 1358.135c: FileAttributes: 0x20
| 41 | 1358.135c: Size: 0x67000
| 42 | 1358.135c: NT Headers: 0xe8
| 43 | 1358.135c: Timestamp: 0x4e21213c
| 44 | 1358.135c: Machine: 0x8664 - amd64
| 45 | 1358.135c: Timestamp: 0x4e21213c
| 46 | 1358.135c: Image Version: 6.1
| 47 | 1358.135c: SizeOfImage: 0x6c000 (442368)
| 48 | 1358.135c: Resource Dir: 0x6a000 LB 0x530
| 49 | 1358.135c: ProductName: Microsoft® Windows® Operating System
| 50 | 1358.135c: ProductVersion: 6.1.7601.17651
| 51 | 1358.135c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504)
| 52 | 1358.135c: FileDescription: Windows NT BASE API Client DLL
| 53 | 1358.135c: \SystemRoot\System32\apisetschema.dll:
| 54 | 1358.135c: CreationTime: 2009-07-13T23:18:54.866423200Z
| 55 | 1358.135c: LastWriteTime: 2009-07-14T01:24:53.779000000Z
| 56 | 1358.135c: ChangeTime: 2012-06-27T07:23:12.756975500Z
| 57 | 1358.135c: FileAttributes: 0x20
| 58 | 1358.135c: Size: 0x1a00
| 59 | 1358.135c: NT Headers: 0xc0
| 60 | 1358.135c: Timestamp: 0x4a5bdeab
| 61 | 1358.135c: Machine: 0x8664 - amd64
| 62 | 1358.135c: Timestamp: 0x4a5bdeab
| 63 | 1358.135c: Image Version: 6.1
| 64 | 1358.135c: SizeOfImage: 0x50000 (327680)
| 65 | 1358.135c: Resource Dir: 0x30000 LB 0x3f0
| 66 | 1358.135c: ProductName: Microsoft® Windows® Operating System
| 67 | 1358.135c: ProductVersion: 6.1.7600.16385
| 68 | 1358.135c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
| 69 | 1358.135c: FileDescription: ApiSet Schema DLL
| 70 | 1358.135c: supR3HardenedWinFindAdversaries: 0x0
| 71 | 1358.135c: Calling main()
| 72 | 1358.135c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
| 73 | 1358.135c: SUPR3HardenedMain: Respawn #1
| 74 | 1358.135c: System32: \Device\HarddiskVolume2\Windows\System32
| 75 | 1358.135c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
| 76 | 1358.135c: KnownDllPath: C:\Windows\system32
| 77 | 1358.135c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
| 78 | 1358.135c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
| 79 | 1358.135c: supR3HardNtEnableThreadCreation:
| 80 | 1358.135c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007716c320 pvNtTerminateThread=0000000077191840
| 81 | 1358.135c: supR3HardenedWinDoReSpawn(1): New child 1368.136c [kernel32].
| 82 | 1358.135c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380
| 83 | 1358.135c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077140000 uNtDllChildAddr=0000000077140000
| 84 | 1358.135c: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007716c320
| 85 | 1358.135c: supR3HardenedWinSetupChildInit: Start child.
| 86 | 1358.135c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
| 87 | 1358.135c: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 17 sleeps
| 88 | 1358.135c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
| 89 | 1358.135c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
| 90 | 1358.135c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
| 91 | 1358.135c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
| 92 | 1358.135c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
| 93 | 1358.135c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
| 94 | 1358.135c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
| 95 | 1358.135c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
| 96 | 1358.135c: 0000000000051000-fffffffffffa1fff 0x0001/0x0000 0x0000000
| 97 | 1358.135c: *0000000000100000-0000000000003fff 0x0000/0x0004 0x0020000
| 98 | 1358.135c: 00000000001fc000-00000000001f8fff 0x0104/0x0004 0x0020000
| 99 | 1358.135c: 00000000001ff000-00000000001fdfff 0x0004/0x0004 0x0020000
| 100 | 1358.135c: 0000000000200000-ffffffff892bffff 0x0001/0x0000 0x0000000
| 101 | 1358.135c: *0000000077140000-000000007713efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
| 102 | 1358.135c: 0000000077141000-000000007703efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
| 103 | 1358.135c: 0000000077243000-0000000077213fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
| 104 | 1358.135c: 0000000077272000-0000000077265fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
| 105 | 1358.135c: 000000007727e000-0000000077212fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
| 106 | 1358.135c: 00000000772e9000-000000006f5f1fff 0x0001/0x0000 0x0000000
| 107 | 1358.135c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
| 108 | 1358.135c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
| 109 | 1358.135c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
| 110 | 1358.135c: 000000007fff0000-ffffffffc075ffff 0x0001/0x0000 0x0000000
| 111 | 1358.135c: *000000013f880000-000000013f87efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 112 | 1358.135c: 000000013f881000-000000013f7fcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 113 | 1358.135c: 000000013f905000-000000013f903fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 114 | 1358.135c: 000000013f906000-000000013f8c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 115 | 1358.135c: 000000013f943000-000000013f941fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 116 | 1358.135c: 000000013f944000-000000013f942fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 117 | 1358.135c: 000000013f945000-000000013f942fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 118 | 1358.135c: 000000013f947000-000000013f945fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 119 | 1358.135c: 000000013f948000-000000013f946fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 120 | 1358.135c: 000000013f949000-000000013f944fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 121 | 1358.135c: 000000013f94d000-000000013f913fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
| 122 | 1358.135c: 000000013f986000-fffff8037feabfff 0x0001/0x0000 0x0000000
| 123 | 1358.135c: *000007feff460000-000007feff45efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
| 124 | 1358.135c: 000007feff461000-000007fdfe911fff 0x0001/0x0000 0x0000000
| 125 | 1358.135c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
| 126 | 1358.135c: 000007fffffd3000-000007fffffcffff 0x0001/0x0000 0x0000000
| 127 | 1358.135c: *000007fffffd6000-000007fffffd4fff 0x0004/0x0004 0x0020000
| 128 | 1358.135c: 000007fffffd7000-000007fffffcffff 0x0001/0x0000 0x0000000
| 129 | 1358.135c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
| 130 | 1358.135c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
| 131 | 1358.135c: apisetschema.dll: timestamp 0x4a5bdeab (rc=VINF_SUCCESS)
| 132 | 1358.135c: VirtualBox.exe: timestamp 0x546f44b2 (rc=VINF_SUCCESS)
| 133 | 1358.135c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
| 134 | 1358.135c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 135 | 1358.135c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 136 | 1358.135c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
| 137 | 1358.135c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 138 | 1358.135c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 139 | 1358.135c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
| 140 | 1358.135c: supR3HardNtChildPurify: Done after 281 ms and 0 fixes (loop #0).
| 141 | 1368.136c: Log file opened: 4.3.20r96996 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
| 142 | 1368.136c: supR3HardenedVmProcessInit: uNtDllAddr=0000000077140000
| 143 | 1368.136c: ntdll.dll: timestamp 0x4ec4aa8e (rc=VINF_SUCCESS)
| 144 | 1368.136c: New simple heap: #1 0000000000300000 LB 0x400000 (for 1740800 allocation)
| 145 | 1358.135c: supR3HardNtEnableThreadCreation:
| 146 | 1368.136c: System32: \Device\HarddiskVolume2\Windows\System32
| 147 | 1368.136c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
| 148 | 1368.136c: KnownDllPath: C:\Windows\system32
| 149 | 1368.136c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
| 150 | 1368.136c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
| 151 | 1368.136c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
| 152 | 1368.136c: Registered Dll notification callback with NTDLL.
| 153 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 154 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\kernel32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 155 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
| 156 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
| 157 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
| 158 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
| 159 | 1368.136c: supR3HardenedDllNotificationCallback: load 0000000076a60000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
| 160 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
| 161 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
| 162 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 163 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 164 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
| 165 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
| 166 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'C:\Windows\system32\kernel32.dll'
| 167 | 1368.136c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007716c320 pvNtTerminateThread=0000000077191840
| 168 | 1358.135c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 16 ms.
| 169 | 1368.136c: \SystemRoot\System32\ntdll.dll:
| 170 | 1368.136c: CreationTime: 2012-06-05T09:08:33.845363600Z
| 171 | 1368.136c: LastWriteTime: 2011-11-17T06:41:18.858669900Z
| 172 | 1368.136c: ChangeTime: 2012-06-27T07:23:11.852173900Z
| 173 | 1368.136c: FileAttributes: 0x20
| 174 | 1368.136c: Size: 0x1a6d50
| 175 | 1368.136c: NT Headers: 0xe0
| 176 | 1368.136c: Timestamp: 0x4ec4aa8e
| 177 | 1368.136c: Machine: 0x8664 - amd64
| 178 | 1368.136c: Timestamp: 0x4ec4aa8e
| 179 | 1368.136c: Image Version: 6.1
| 180 | 1368.136c: SizeOfImage: 0x1a9000 (1740800)
| 181 | 1368.136c: Resource Dir: 0x151000 LB 0x560d8
| 182 | 1368.136c: ProductName: Microsoft® Windows® Operating System
| 183 | 1368.136c: ProductVersion: 6.1.7601.17725
| 184 | 1368.136c: FileVersion: 6.1.7601.17725 (win7sp1_gdr.111116-1503)
| 185 | 1368.136c: FileDescription: NT Layer DLL
| 186 | 1368.136c: \SystemRoot\System32\kernel32.dll:
| 187 | 1368.136c: CreationTime: 2012-06-05T09:10:20.487150900Z
| 188 | 1368.136c: LastWriteTime: 2011-07-16T05:37:12.377000000Z
| 189 | 1368.136c: ChangeTime: 2012-06-27T07:23:11.259372900Z
| 190 | 1368.136c: FileAttributes: 0x20
| 191 | 1368.136c: Size: 0x11be00
| 192 | 1368.136c: NT Headers: 0xe8
| 193 | 1368.136c: Timestamp: 0x4e21213b
| 194 | 1368.136c: Machine: 0x8664 - amd64
| 195 | 1368.136c: Timestamp: 0x4e21213b
| 196 | 1368.136c: Image Version: 6.1
| 197 | 1368.136c: SizeOfImage: 0x11f000 (1175552)
| 198 | 1368.136c: Resource Dir: 0x116000 LB 0x528
| 199 | 1368.136c: ProductName: Microsoft® Windows® Operating System
| 200 | 1368.136c: ProductVersion: 6.1.7601.17651
| 201 | 1368.136c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504)
| 202 | 1368.136c: FileDescription: Windows NT BASE API Client DLL
| 203 | 1368.136c: \SystemRoot\System32\KernelBase.dll:
| 204 | 1368.136c: CreationTime: 2012-06-05T09:10:20.533951000Z
| 205 | 1368.136c: LastWriteTime: 2011-07-16T05:37:12.596000000Z
| 206 | 1368.136c: ChangeTime: 2012-06-27T07:23:11.274972900Z
| 207 | 1368.136c: FileAttributes: 0x20
| 208 | 1368.136c: Size: 0x67000
| 209 | 1368.136c: NT Headers: 0xe8
| 210 | 1368.136c: Timestamp: 0x4e21213c
| 211 | 1368.136c: Machine: 0x8664 - amd64
| 212 | 1368.136c: Timestamp: 0x4e21213c
| 213 | 1368.136c: Image Version: 6.1
| 214 | 1368.136c: SizeOfImage: 0x6c000 (442368)
| 215 | 1368.136c: Resource Dir: 0x6a000 LB 0x530
| 216 | 1368.136c: ProductName: Microsoft® Windows® Operating System
| 217 | 1368.136c: ProductVersion: 6.1.7601.17651
| 218 | 1368.136c: FileVersion: 6.1.7601.17651 (win7sp1_gdr.110715-1504)
| 219 | 1368.136c: FileDescription: Windows NT BASE API Client DLL
| 220 | 1368.136c: \SystemRoot\System32\apisetschema.dll:
| 221 | 1368.136c: CreationTime: 2009-07-13T23:18:54.866423200Z
| 222 | 1368.136c: LastWriteTime: 2009-07-14T01:24:53.779000000Z
| 223 | 1368.136c: ChangeTime: 2012-06-27T07:23:12.756975500Z
| 224 | 1368.136c: FileAttributes: 0x20
| 225 | 1368.136c: Size: 0x1a00
| 226 | 1368.136c: NT Headers: 0xc0
| 227 | 1368.136c: Timestamp: 0x4a5bdeab
| 228 | 1368.136c: Machine: 0x8664 - amd64
| 229 | 1368.136c: Timestamp: 0x4a5bdeab
| 230 | 1368.136c: Image Version: 6.1
| 231 | 1368.136c: SizeOfImage: 0x50000 (327680)
| 232 | 1368.136c: Resource Dir: 0x30000 LB 0x3f0
| 233 | 1368.136c: ProductName: Microsoft® Windows® Operating System
| 234 | 1368.136c: ProductVersion: 6.1.7600.16385
| 235 | 1368.136c: FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
| 236 | 1368.136c: FileDescription: ApiSet Schema DLL
| 237 | 1368.136c: supR3HardenedWinFindAdversaries: 0x0
| 238 | 1368.136c: Calling main()
| 239 | 1368.136c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
| 240 | 1368.136c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
| 241 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
| 242 | 1368.136c: SUPR3HardenedMain: Respawn #2
| 243 | 1368.136c: supR3HardNtEnableThreadCreation:
| 244 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 245 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 246 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
| 247 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
| 248 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
| 249 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
| 250 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
| 251 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
| 252 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 253 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 254 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
| 255 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
| 256 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
| 257 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
| 258 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 259 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 260 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
| 261 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
| 262 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000:<flags> [calling]
| 263 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
| 264 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefeaa0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.DLL [fFlags=0x0]
| 265 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
| 266 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff3b0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
| 267 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
| 268 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 269 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 270 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
| 271 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
| 272 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
| 273 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
| 274 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefda80000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
| 275 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
| 276 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefec20000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
| 277 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
| 278 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeaa0000 'C:\Windows\system32\ADVAPI32.DLL'
| 279 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 280 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 281 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
| 282 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
| 283 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
| 284 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
| 285 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
| 286 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
| 287 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
| 288 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
| 289 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
| 290 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
| 291 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd420000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
| 292 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
| 293 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd420000 'C:\Windows\system32\apphelp.dll'
| 294 | 1368.136c: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5)
| 295 | 1368.136c: Error relaunching VirtualBox VM process: 5
| 296 | Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment WXP --startvm ae6d02ce-7c47-4e2a-805c-3c25a49515e2 --no-startvm-errormsgbox "--sup-startup-log=C:\Users\frank\VirtualBox VMs\WXP\Logs\VBoxStartup.log"'
| 297 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
| 298 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
| 299 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
| 300 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
| 301 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
| 302 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
| 303 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
| 304 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
| 305 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
| 306 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
| 307 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
| 308 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
| 309 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
| 310 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
| 311 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
| 312 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
| 313 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)
| 314 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
| 315 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
| 316 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
| 317 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 318 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 319 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
| 320 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
| 321 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)
| 322 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
| 323 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
| 324 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
| 325 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
| 326 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
| 327 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
| 328 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
| 329 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
| 330 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
| 331 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
| 332 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
| 333 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)
| 334 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
|
|---|
| 335 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 336 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 337 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 338 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 339 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
|
|---|
| 340 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
|
|---|
| 341 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
|
|---|
| 342 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
|
|---|
| 343 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
|
|---|
| 344 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)
|
|---|
| 345 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
|
|---|
| 346 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 347 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 348 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 349 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 350 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 351 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
|
|---|
| 352 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
|
|---|
| 353 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
|
|---|
| 354 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
|
|---|
| 355 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
|
|---|
| 356 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 357 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 358 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\shell32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 359 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\shell32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 360 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 361 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
|
|---|
| 362 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
|
|---|
| 363 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
|
|---|
| 364 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)
|
|---|
| 365 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
|
|---|
| 366 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 367 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 368 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 369 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 370 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 371 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 372 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 373 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 374 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
|
|---|
| 375 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
|
|---|
| 376 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
|
|---|
| 377 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 378 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 379 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 380 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 381 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
|
|---|
| 382 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
|
|---|
| 383 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
|
|---|
| 384 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
|
|---|
| 385 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 386 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
|
|---|
| 387 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
|
|---|
| 388 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 389 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
|
|---|
| 390 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
|
|---|
| 391 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
|
|---|
| 392 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)
|
|---|
| 393 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
|
|---|
| 394 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
|
|---|
| 395 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 396 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
|
|---|
| 397 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
|
|---|
| 398 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
|
|---|
| 399 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)
|
|---|
| 400 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
|
|---|
| 401 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
|
|---|
| 402 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 403 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
|
|---|
| 404 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
|
|---|
| 405 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
|
|---|
| 406 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
|
|---|
| 407 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
|
|---|
| 408 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
|
|---|
| 409 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
|
|---|
| 410 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
|
|---|
| 411 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
|
|---|
| 412 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
|
|---|
| 413 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
|
|---|
| 414 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
|
|---|
| 415 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
|
|---|
| 416 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
|
|---|
| 417 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
|
|---|
| 418 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 419 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 420 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
|
|---|
| 421 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
|
|---|
| 422 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 423 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
|
|---|
| 424 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
|
|---|
| 425 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
|
|---|
| 426 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
|
|---|
| 427 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
|
|---|
| 428 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 429 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 430 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)
|
|---|
| 431 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 432 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 433 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 434 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 435 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)
|
|---|
| 436 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 437 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 438 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 439 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 440 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
|
|---|
| 441 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
|
|---|
| 442 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
|
|---|
| 443 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)
|
|---|
| 444 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 445 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 446 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 447 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 448 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 449 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 450 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 451 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
|
|---|
| 452 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
|
|---|
| 453 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
|
|---|
| 454 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
|
|---|
| 455 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)
|
|---|
| 456 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
|
|---|
| 457 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 458 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 459 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 460 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
|
|---|
| 461 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
|
|---|
| 462 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 463 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 464 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 465 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 466 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
|
|---|
| 467 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
|
|---|
| 468 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
|
|---|
| 469 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
|
|---|
| 470 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)
|
|---|
| 471 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
|
|---|
| 472 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
|
|---|
| 473 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 474 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 475 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 476 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 477 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
|
|---|
| 478 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 479 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)
|
|---|
| 480 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
|
|---|
| 481 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 482 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 483 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 484 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 485 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 486 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 487 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 488 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 489 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 490 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 491 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 492 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 493 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 494 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 495 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 496 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 497 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 498 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
|
|---|
| 499 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
|
|---|
| 500 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)
|
|---|
| 501 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
|
|---|
| 502 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 503 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 504 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
|
|---|
| 505 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 506 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 507 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 508 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 509 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 510 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 511 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 512 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 513 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 514 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 515 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 516 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
|
|---|
| 517 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 518 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 519 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
|
|---|
| 520 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 521 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 522 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 523 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 524 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 525 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 526 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 527 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 528 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 529 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 530 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 531 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 532 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 533 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 534 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
|
|---|
| 535 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 536 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 537 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 538 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 539 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 540 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
|
|---|
| 541 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 542 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 543 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 544 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 545 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 546 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 547 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 548 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 549 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 550 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
|
|---|
| 551 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
|
|---|
| 552 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 553 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 554 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 555 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
|
|---|
| 556 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
|
|---|
| 557 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)
|
|---|
| 558 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
|
|---|
| 559 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 560 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
|
|---|
| 561 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 562 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
|
|---|
| 563 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 564 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 565 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 566 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
|
|---|
| 567 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
|
|---|
| 568 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
|
|---|
| 569 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
|
|---|
| 570 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
|
|---|
| 571 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 572 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 573 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 574 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
|
|---|
| 575 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 576 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
|
|---|
| 577 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 578 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 579 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 580 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 581 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 582 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 583 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 584 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 585 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 586 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 587 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 588 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
|
|---|
| 589 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 590 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
|
|---|
| 591 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 592 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 593 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 594 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 595 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
|
|---|
| 596 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 597 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 598 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 599 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 600 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 601 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 602 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 603 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 604 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 605 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 606 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
|
|---|
| 607 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 608 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 609 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 610 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
|
|---|
| 611 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
|
|---|
| 612 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 613 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 614 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
|
|---|
| 615 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
|
|---|
| 616 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
|
|---|
| 617 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
|
|---|
| 618 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
|
|---|
| 619 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 620 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 621 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 622 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 623 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 624 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 625 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 626 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 627 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 628 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 629 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 630 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 631 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 632 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
|
|---|
| 633 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 634 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
|
|---|
| 635 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
|
|---|
| 636 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
|
|---|
| 637 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 638 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 639 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 640 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 641 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 642 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 643 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 644 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 645 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 646 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 647 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 648 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 649 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 650 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 651 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 652 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 653 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 654 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 655 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 656 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 657 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 658 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 659 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 660 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 661 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 662 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 663 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 664 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 665 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 666 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 667 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 668 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 669 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
|
|---|
| 670 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
|
|---|
| 671 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
|
|---|
| 672 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 673 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 674 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
|
|---|
| 675 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
|
|---|
| 676 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 677 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)
|
|---|
| 678 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
|
|---|
| 679 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 680 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 681 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 682 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 683 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 684 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 685 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 686 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 687 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
|
|---|
| 688 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 689 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 690 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 691 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 692 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 693 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 694 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 695 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 696 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 697 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 698 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 699 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 700 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 701 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 702 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 703 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 704 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 705 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 706 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 707 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 708 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 709 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 710 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 711 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 712 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 713 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 714 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 715 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
|
|---|
| 716 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
|
|---|
| 717 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 718 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 719 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 720 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 721 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
|
|---|
| 722 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
|
|---|
| 723 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
|
|---|
| 724 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 725 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 726 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 727 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 728 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 729 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 730 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
|
|---|
| 731 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
|
|---|
| 732 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 733 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 734 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 735 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
|
|---|
| 736 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
|
|---|
| 737 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
|
|---|
| 738 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
|
|---|
| 739 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
|
|---|
| 740 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 741 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 742 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 743 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 744 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 745 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 746 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 747 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 748 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 749 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 750 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 751 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 752 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 753 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 754 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 755 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
|
|---|
| 756 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 757 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 758 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 759 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)
|
|---|
| 760 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
|
|---|
| 761 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 762 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 763 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 764 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 765 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 766 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 767 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 768 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 769 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 770 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 771 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 772 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
|
|---|
| 773 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 774 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 775 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 776 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
|
|---|
| 777 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 778 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 779 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 780 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 781 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
|
|---|
| 782 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 783 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)
|
|---|
| 784 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
|
|---|
| 785 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
|
|---|
| 786 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 787 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 788 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 789 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
|
|---|
| 790 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
|
|---|
| 791 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
|
|---|
| 792 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
|
|---|
| 793 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
|
|---|
| 794 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
|
|---|
| 795 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
|
|---|
| 796 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)
|
|---|
| 797 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
|
|---|
| 798 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 799 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 800 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 801 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
|
|---|
| 802 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 803 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 804 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 805 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 806 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
|
|---|
| 807 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 808 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)
|
|---|
| 809 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
|
|---|
| 810 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 811 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 812 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 813 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 814 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 815 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 816 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 817 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 818 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 819 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 820 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 821 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 822 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 823 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 824 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 825 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
|
|---|
| 826 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
|
|---|
| 827 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 828 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 829 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 830 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
|
|---|
| 831 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
|
|---|
| 832 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
|
|---|
| 833 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 834 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 835 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 836 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 837 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 838 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 839 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 840 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 841 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 842 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 843 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 844 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 845 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 846 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 847 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 848 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
|
|---|
| 849 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 850 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 851 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 852 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 853 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 854 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 855 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
|
|---|
| 856 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
|
|---|
| 857 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 858 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 859 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 860 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 861 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 862 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 863 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 864 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 865 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 866 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
|
|---|
| 867 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 868 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
|
|---|
| 869 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 870 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 871 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 872 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 873 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 874 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 875 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 876 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 877 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 878 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 879 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 880 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 881 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 882 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 883 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 884 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 885 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 886 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 887 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 888 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 889 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 890 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 891 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 892 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 893 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 894 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 895 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 896 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
|
|---|
| 897 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 898 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
|
|---|
| 899 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 900 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 901 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 902 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007f2f80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
|
|---|
| 903 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
|
|---|
| 904 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef0120000 LB 0x00873000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
|
|---|
| 905 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
|
|---|
| 906 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
|
|---|
| 907 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef0000000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
|
|---|
| 908 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
|
|---|
| 909 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdaa0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
|
|---|
| 910 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 911 | 1368.136c: supR3HardenedDllNotificationCallback: load 0000000076cd0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
|
|---|
| 912 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 913 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd9a0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
|
|---|
| 914 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
|
|---|
| 915 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd9b0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
|
|---|
| 916 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
|
|---|
| 917 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust]
|
|---|
| 918 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007feeffd0000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
|
|---|
| 919 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [lacks WinVerifyTrust]
|
|---|
| 920 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
|
|---|
| 921 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef34d0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
|
|---|
| 922 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
|
|---|
| 923 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
|
|---|
| 924 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefa1c0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
|
|---|
| 925 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
|
|---|
| 926 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff150000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
|
|---|
| 927 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
|
|---|
| 928 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd6f0000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
|
|---|
| 929 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
|
|---|
| 930 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff010000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
|
|---|
| 931 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 932 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefedf0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
|
|---|
| 933 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 934 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd730000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
|
|---|
| 935 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [lacks WinVerifyTrust]
|
|---|
| 936 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
|
|---|
| 937 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefb800000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
|
|---|
| 938 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
|
|---|
| 939 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 940 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fef09a0000 LB 0x00531000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
|
|---|
| 941 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 942 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 943 | 1368.136c: supR3HardenedDllNotificationCallback: load 000000006cfd0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
|
|---|
| 944 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
|
|---|
| 945 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
|
|---|
| 946 | 1368.136c: supR3HardenedDllNotificationCallback: load 000000006cf30000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
|
|---|
| 947 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
|
|---|
| 948 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdb10000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
|
|---|
| 949 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
|
|---|
| 950 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff000000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
|
|---|
| 951 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust]
|
|---|
| 952 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 953 | 1368.136c: supR3HardenedDllNotificationCallback: load 000000006cc50000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
|
|---|
| 954 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 955 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 956 | 1368.136c: supR3HardenedDllNotificationCallback: load 000000006c2e0000 LB 0x00969000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
|
|---|
| 957 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 958 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdc70000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
|
|---|
| 959 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
|
|---|
| 960 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007feff330000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
|
|---|
| 961 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
|
|---|
| 962 | 1368.136c: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 963 | 1368.136c: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in WinSxS).
|
|---|
| 964 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
|
|---|
| 965 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
|
|---|
| 966 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 967 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll)
|
|---|
| 968 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
|
|---|
| 969 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefa370000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\COMCTL32.dll [fFlags=0x0]
|
|---|
| 970 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [lacks WinVerifyTrust]
|
|---|
| 971 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdd10000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
|
|---|
| 972 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
|
|---|
| 973 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd970000 LB 0x0002e000 C:\Windows\system32\IMM32.dll [fFlags=0x0]
|
|---|
| 974 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
|
|---|
| 975 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
|
|---|
| 976 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
|
|---|
| 977 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 978 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefb9c0000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
|
|---|
| 979 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 980 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust]
|
|---|
| 981 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefa2f0000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
|
|---|
| 982 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winspool.drv [lacks WinVerifyTrust]
|
|---|
| 983 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 984 | 1368.136c: supR3HardenedDllNotificationCallback: load 000000006c1d0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
|
|---|
| 985 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 986 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 987 | 1368.136c: supR3HardenedDllNotificationCallback: load 000000006c0f0000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
|
|---|
| 988 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 989 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll: Owner is administrators group.
|
|---|
| 990 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
|
|---|
| 991 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
|
|---|
| 992 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nvinitx.dll)
|
|---|
| 993 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nvinitx.dll
|
|---|
| 994 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 995 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 996 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 997 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 998 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 999 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1000 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1001 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1002 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1003 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1004 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1005 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1006 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1007 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1008 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 1009 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvinitx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb810:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.; [calling]
|
|---|
| 1010 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
|
|---|
| 1011 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd550000 LB 0x00044000 C:\Windows\system32\nvinitx.dll [fFlags=0x0]
|
|---|
| 1012 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
|
|---|
| 1013 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\Windows\system32\nvinitx.dll'
|
|---|
| 1014 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1015 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdaa0000 'C:\Windows\system32\gdi32.dll'
|
|---|
| 1016 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1017 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
|
|---|
| 1018 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1019 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1020 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1021 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1022 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1023 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1024 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1025 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1026 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1027 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1028 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1029 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1030 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1031 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1032 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1033 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1034 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1035 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1036 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1037 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1038 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1039 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1040 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1041 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1042 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1043 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1044 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1045 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1046 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1047 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1048 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1049 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1050 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1051 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1052 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1053 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1054 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1055 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1056 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1057 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1058 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1059 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1060 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1061 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1062 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1063 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1064 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1065 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1066 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1067 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1068 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1069 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1070 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1071 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1072 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1073 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1074 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1075 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1076 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1077 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1078 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1079 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1080 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1081 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1082 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1083 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1084 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1085 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1086 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1087 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1088 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
|
|---|
| 1089 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1090 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
|
|---|
| 1091 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1092 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd970000 'C:\Windows\system32\imm32.dll'
|
|---|
| 1093 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0120000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
|
|---|
| 1094 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 1095 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1096 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9c0000 'C:\Windows\system32\winmm.dll'
|
|---|
| 1097 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1098 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1099 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
|
|---|
| 1100 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
|
|---|
| 1101 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1102 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
|
|---|
| 1103 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd480000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
|
|---|
| 1104 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
|
|---|
| 1105 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd480000 'C:\Windows\system32\CRYPTBASE.dll'
|
|---|
| 1106 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
|
|---|
| 1107 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1108 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd10000 'C:\Windows\system32\shell32.dll'
|
|---|
| 1109 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
|
|---|
| 1110 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1111 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'C:\Windows\system32\kernel32.dll'
|
|---|
| 1112 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1113 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1114 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1115 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
|
|---|
| 1116 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
|
|---|
| 1117 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)
|
|---|
| 1118 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
|
|---|
| 1119 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1120 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1121 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1122 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1123 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1124 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1125 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1126 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1127 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1128 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1129 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
|
|---|
| 1130 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefbe30000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
|
|---|
| 1131 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
|
|---|
| 1132 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe30000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1133 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
|
|---|
| 1134 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1135 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe30000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1136 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll)
|
|---|
| 1137 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1138 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
|
|---|
| 1139 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1140 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cd0000 'C:\Windows\system32\user32.dll'
|
|---|
| 1141 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
|
|---|
| 1142 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1143 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe30000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1144 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1145 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cd0000 'C:\Windows\system32\user32.dll'
|
|---|
| 1146 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1147 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdaa0000 'C:\Windows\system32\gdi32.dll'
|
|---|
| 1148 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll)
|
|---|
| 1149 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1150 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
|
|---|
| 1151 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1152 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cd0000 'C:\Windows\system32\user32.dll'
|
|---|
| 1153 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 1154 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1155 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb9c0000 'C:\Windows\system32\WINMM.dll'
|
|---|
| 1156 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1157 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1158 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 1159 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
|
|---|
| 1160 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1161 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076a60000 'C:\Windows\system32\kernel32.dll'
|
|---|
| 1162 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1163 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda80000 'API-MS-WIN-Service-Management-L1-1-0.dll'
|
|---|
| 1164 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1165 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec20000 'C:\Windows\system32\rpcrt4.dll'
|
|---|
| 1166 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1167 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1168 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 1169 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1170 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1171 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 1172 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1173 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda80000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
|
|---|
| 1174 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1175 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1176 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1177 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec20000 'C:\Windows\system32\RPCRT4.dll'
|
|---|
| 1178 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1179 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
|
|---|
| 1180 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 1181 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
|
|---|
| 1182 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
|
|---|
| 1183 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
|
|---|
| 1184 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)
|
|---|
| 1185 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
|
|---|
| 1186 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1187 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1188 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1189 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 1190 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1191 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1192 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1193 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 1194 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1195 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1196 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 1197 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1198 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1199 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1200 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1201 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1202 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1203 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1204 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1205 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1206 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1207 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [lacks WinVerifyTrust]
|
|---|
| 1208 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefeb80000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
|
|---|
| 1209 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [lacks WinVerifyTrust]
|
|---|
| 1210 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb80000 'C:\Windows\system32\CLBCatQ.DLL'
|
|---|
| 1211 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1212 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
|
|---|
| 1213 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
|
|---|
| 1214 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
|
|---|
| 1215 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll)
|
|---|
| 1216 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
|
|---|
| 1217 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
|
|---|
| 1218 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume2\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1219 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\propsys.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1220 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\propsys.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1221 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
|
|---|
| 1222 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000084ded0:C:\Windows\system32;;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1223 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb60000 'C:\Windows\system32\MSCTF.dll'
|
|---|
| 1224 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1225 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
|
|---|
| 1226 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
|
|---|
| 1227 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
|
|---|
| 1228 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
|
|---|
| 1229 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\propsys.dll)
|
|---|
| 1230 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\propsys.dll
|
|---|
| 1231 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1232 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1233 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1234 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1235 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1236 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1237 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1238 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1239 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1240 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1241 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1242 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1243 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1244 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1245 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1246 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 1247 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1248 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 1249 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1250 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1251 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1252 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1253 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1254 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1255 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1256 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
|
|---|
| 1257 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefbec0000 LB 0x0004b000 C:\Windows\system32\MMDevAPI.DLL [fFlags=0x0]
|
|---|
| 1258 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
|
|---|
| 1259 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust]
|
|---|
| 1260 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefbd00000 LB 0x0012c000 C:\Windows\system32\PROPSYS.dll [fFlags=0x0]
|
|---|
| 1261 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\propsys.dll [lacks WinVerifyTrust]
|
|---|
| 1262 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 1263 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeaa0000 'C:\Windows\system32\ADVAPI32.dll'
|
|---|
| 1264 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbec0000 'C:\Windows\system32\MMDevAPI.DLL'
|
|---|
| 1265 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1266 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1267 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1268 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 1269 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
|
|---|
| 1270 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
|
|---|
| 1271 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
|
|---|
| 1272 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
|
|---|
| 1273 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
|
|---|
| 1274 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
|
|---|
| 1275 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv)
|
|---|
| 1276 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
|
|---|
| 1277 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
|
|---|
| 1278 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1279 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\avrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1280 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\avrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1281 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\avrt.dll)
|
|---|
| 1282 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll
|
|---|
| 1283 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
|
|---|
| 1284 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1285 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
|
|---|
| 1286 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
|
|---|
| 1287 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1288 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\ksuser.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1289 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\ksuser.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1290 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1291 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll)
|
|---|
| 1292 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll
|
|---|
| 1293 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 1294 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1295 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 1296 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1297 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1298 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1299 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1300 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1301 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1302 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1303 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1304 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 1305 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1306 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1307 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1308 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1309 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1310 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1311 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1312 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1313 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefb600000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
|
|---|
| 1314 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1315 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
|
|---|
| 1316 | 1368.13a0: supR3HardenedDllNotificationCallback: load 0000000074760000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
|
|---|
| 1317 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
|
|---|
| 1318 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust]
|
|---|
| 1319 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefbcd0000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
|
|---|
| 1320 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\avrt.dll [lacks WinVerifyTrust]
|
|---|
| 1321 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1322 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1323 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1324 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1325 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1326 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1327 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1328 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
|
|---|
| 1329 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1330 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbec0000 'C:\Windows\system32\MMDEVAPI.DLL'
|
|---|
| 1331 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1332 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 1333 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
|
|---|
| 1334 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1335 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff150000 'C:\Windows\system32\SETUPAPI.dll'
|
|---|
| 1336 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1337 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1338 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1339 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1340 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1341 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1342 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
|
|---|
| 1343 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1344 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff330000 'C:\Windows\system32\SHLWAPI.dll'
|
|---|
| 1345 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1346 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 1347 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 1348 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1349 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff010000 'C:\Windows\system32\OLEAUT32.DLL'
|
|---|
| 1350 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1351 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1352 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1353 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 1354 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
|
|---|
| 1355 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
|
|---|
| 1356 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
|
|---|
| 1357 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
|
|---|
| 1358 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
|
|---|
| 1359 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll)
|
|---|
| 1360 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
|
|---|
| 1361 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
|
|---|
| 1362 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1363 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
|
|---|
| 1364 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1365 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1366 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1367 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1368 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1369 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1370 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 1371 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1372 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 1373 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1374 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1375 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ole32.dll [lacks WinVerifyTrust]
|
|---|
| 1376 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1377 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1378 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 1379 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1380 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1381 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1382 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1383 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
|
|---|
| 1384 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefb640000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
|
|---|
| 1385 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
|
|---|
| 1386 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb640000 'C:\Windows\system32\AUDIOSES.DLL'
|
|---|
| 1387 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1388 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1389 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1390 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1391 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1392 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1393 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
|
|---|
| 1394 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb600000 'C:\Windows\system32\wdmaud.drv'
|
|---|
| 1395 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1396 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1397 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1398 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 1399 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
|
|---|
| 1400 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
|
|---|
| 1401 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
|
|---|
| 1402 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv)
|
|---|
| 1403 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv
|
|---|
| 1404 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
|
|---|
| 1405 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1406 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
|
|---|
| 1407 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
|
|---|
| 1408 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1409 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1410 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\msacm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1411 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1412 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 1413 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 1414 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
|
|---|
| 1415 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
|
|---|
| 1416 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll)
|
|---|
| 1417 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll
|
|---|
| 1418 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 1419 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1420 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 1421 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1422 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1423 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1424 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1425 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1426 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1427 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 1428 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1429 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 1430 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1431 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1432 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1433 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1434 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1435 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1436 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1437 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1438 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
|
|---|
| 1439 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1440 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1441 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1442 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1443 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1444 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefaab0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
|
|---|
| 1445 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1446 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
|
|---|
| 1447 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefaa90000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0]
|
|---|
| 1448 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
|
|---|
| 1449 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1450 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1451 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1452 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1453 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1454 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1455 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1456 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1457 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1458 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1459 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1460 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1461 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1462 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1463 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1464 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1465 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1466 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1467 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1468 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1469 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1470 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1471 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1472 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
|
|---|
| 1473 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
|
|---|
| 1474 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\midimap.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1475 | 1368.13a0: \Device\HarddiskVolume2\Windows\System32\midimap.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1476 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1477 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
|
|---|
| 1478 | 1368.13a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
|
|---|
| 1479 | 1368.13a0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\midimap.dll)
|
|---|
| 1480 | 1368.13a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll
|
|---|
| 1481 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 1482 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1483 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\winmm.dll [lacks WinVerifyTrust]
|
|---|
| 1484 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1485 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1486 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1487 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1488 | 1368.13a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1489 | 1368.13a0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1490 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1491 | 1368.13a0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
|
|---|
| 1492 | 1368.13a0: supR3HardenedDllNotificationCallback: load 000007fefaa80000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0]
|
|---|
| 1493 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
|
|---|
| 1494 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll'
|
|---|
| 1495 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
|
|---|
| 1496 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1497 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll'
|
|---|
| 1498 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
|
|---|
| 1499 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1500 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll'
|
|---|
| 1501 | 1368.13a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\midimap.dll [lacks WinVerifyTrust]
|
|---|
| 1502 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1503 | 1368.13a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaa80000 'C:\Windows\system32\midimap.dll'
|
|---|
| 1504 | 1368.13a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
|
|---|
| 1505 | 1368.13a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000864d80:C:\Windows\System32;;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1506 | 1368.13a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb640000 'C:\Windows\System32\audioses.dll'
|
|---|
| 1507 | 1368.13d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
|
|---|
| 1508 | 1368.13d0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1509 | 1368.13d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd6f0000 'C:\Windows\system32\CFGMGR32.dll'
|
|---|
| 1510 | 1368.13a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
|
|---|
| 1511 | 1368.13a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1512 | 1368.13a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff010000 'C:\Windows\system32\OLEAUT32.dll'
|
|---|
| 1513 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll' [redir]
|
|---|
| 1514 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll [lacks WinVerifyTrust]
|
|---|
| 1515 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1516 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa370000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'
|
|---|
| 1517 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\wintrust.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1518 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\wintrust.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1519 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1520 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
|
|---|
| 1521 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
|
|---|
| 1522 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
|
|---|
| 1523 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
|
|---|
| 1524 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
|
|---|
| 1525 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1526 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1527 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 1528 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
|
|---|
| 1529 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1530 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1531 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1532 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
|
|---|
| 1533 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
|
|---|
| 1534 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
|
|---|
| 1535 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1536 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 78 00 6d 1f 20 dd 73 39 43 17 0a 32 9b 04 00 00)
|
|---|
| 1537 | 1368.136c: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 1538 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1539 | 1368.136c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
|
|---|
| 1540 | 1368.136c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
|
|---|
| 1541 | 1368.136c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
|
|---|
| 1542 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1543 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1544 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1545 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
|
|---|
| 1546 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1547 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
|
|---|
| 1548 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1549 | 1368.136c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
|
|---|
| 1550 | 1368.136c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 1551 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.dll (Input=WINTRUST.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007fb4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32\NV;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;.;;.;;.;;.; [calling]
|
|---|
| 1552 | 1368.136c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 1553 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd930000 LB 0x0003a000 C:\Windows\system32\WINTRUST.dll [fFlags=0x0]
|
|---|
| 1554 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 1555 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd750000 LB 0x0016a000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
|
|---|
| 1556 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
|
|---|
| 1557 | 1368.136c: supR3HardenedDllNotificationCallback: load 000007fefd640000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
|
|---|
| 1558 | 1368.136c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
|
|---|
| 1559 | 1368.136c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd930000 'C:\Windows\system32\WINTRUST.dll'
|
|---|
| 1560 | 1358.135c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 10485 ms, the end);
|
|---|