| 1 | 19d0.19d8: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
|
|---|
| 2 | 19d0.19d8: Calling main()
|
|---|
| 3 | 19d0.19d8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
|
|---|
| 4 | 19d0.19d8: SUPR3HardenedMain: Respawn #1
|
|---|
| 5 | 19d0.19d8: System32: \Device\HarddiskVolume3\Windows\System32
|
|---|
| 6 | 19d0.19d8: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
|
|---|
| 7 | 19d0.19d8: ProgDir: \Device\HarddiskVolume3\Program Files
|
|---|
| 8 | 19d0.19d8: ComDir: \Device\HarddiskVolume3\Program Files\Common Files
|
|---|
| 9 | 19d0.19d8: ProgDir32: \Device\HarddiskVolume3\Program Files (x86)
|
|---|
| 10 | 19d0.19d8: ComDir32: \Device\HarddiskVolume3\Program Files (x86)\Common Files
|
|---|
| 11 | 19d0.19d8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 12 | 19d0.19d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
|
|---|
| 13 | 19d0.19d8: supR3HardNtEnableThreadCreation:
|
|---|
| 14 | 19d0.19d8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff90d919c5c pvNtTerminateThread=00007ff90d941ba0
|
|---|
| 15 | 19d0.19d8: supR3HardenedWinDoReSpawn(1): New child 1bb0.1900 [kernel32].
|
|---|
| 16 | 19d0.19d8: supR3HardenedWinPurifyChild: PebBaseAddress=00007ff6a12ab000 cbPeb=0x388
|
|---|
| 17 | 19d0.19d8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff90d8b0000 uNtDllChildAddr=00007ff90d8b0000
|
|---|
| 18 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=00007ff90d919c5c uNtTerminateThread=00007ff90d941ba0
|
|---|
| 19 | 19d0.19d8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff90d919c5c pvNtTerminateThread=00007ff90d941ba0
|
|---|
| 20 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
|
|---|
| 21 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000690000 LB 0x1a6000
|
|---|
| 22 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
|
|---|
| 23 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 00007ff90d750000 LB 0x13a000
|
|---|
| 24 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
|
|---|
| 25 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 00007ff90ad00000 LB 0x10f000
|
|---|
| 26 | 19d0.19d8: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 16 ms
|
|---|
| 27 | 19d0.19d8: supR3HardNtEnableThreadCreation:
|
|---|
| 28 | 19d0.19d8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
|
|---|
| 29 | 19d0.19d8: *0000000000000000-ffffffffffabffff 0x0001/0x0000 0x0000000
|
|---|
| 30 | 19d0.19d8: *0000000000540000-000000000051ffff 0x0004/0x0004 0x0020000
|
|---|
| 31 | 19d0.19d8: *0000000000560000-0000000000550fff 0x0002/0x0002 0x0040000
|
|---|
| 32 | 19d0.19d8: 000000000056f000-000000000056dfff 0x0001/0x0000 0x0000000
|
|---|
| 33 | 19d0.19d8: *0000000000570000-0000000000473fff 0x0000/0x0004 0x0020000
|
|---|
| 34 | 19d0.19d8: 000000000066c000-0000000000668fff 0x0104/0x0004 0x0020000
|
|---|
| 35 | 19d0.19d8: 000000000066f000-000000000066dfff 0x0004/0x0004 0x0020000
|
|---|
| 36 | 19d0.19d8: *0000000000670000-000000000066bfff 0x0002/0x0002 0x0040000
|
|---|
| 37 | 19d0.19d8: 0000000000674000-0000000000667fff 0x0001/0x0000 0x0000000
|
|---|
| 38 | 19d0.19d8: *0000000000680000-000000000067dfff 0x0004/0x0004 0x0020000
|
|---|
| 39 | 19d0.19d8: 0000000000682000-ffffffff80d23fff 0x0001/0x0000 0x0000000
|
|---|
| 40 | 19d0.19d8: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 41 | 19d0.19d8: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 42 | 19d0.19d8: 000000007fff0000-ffff800a5ed6ffff 0x0001/0x0000 0x0000000
|
|---|
| 43 | 19d0.19d8: *00007ff6a1270000-00007ff6a123cfff 0x0002/0x0002 0x0040000
|
|---|
| 44 | 19d0.19d8: 00007ff6a12a3000-00007ff6a129afff 0x0001/0x0000 0x0000000
|
|---|
| 45 | 19d0.19d8: *00007ff6a12ab000-00007ff6a12a9fff 0x0004/0x0004 0x0020000
|
|---|
| 46 | 19d0.19d8: 00007ff6a12ac000-00007ff6a12a9fff 0x0001/0x0000 0x0000000
|
|---|
| 47 | 19d0.19d8: *00007ff6a12ae000-00007ff6a12abfff 0x0004/0x0004 0x0020000
|
|---|
| 48 | 19d0.19d8: 00007ff6a12b0000-00007ff6a06effff 0x0001/0x0000 0x0000000
|
|---|
| 49 | 19d0.19d8: *00007ff6a1e70000-00007ff6a1e6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 50 | 19d0.19d8: 00007ff6a1e71000-00007ff6a1df1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 51 | 19d0.19d8: 00007ff6a1ef0000-00007ff6a1eeefff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 52 | 19d0.19d8: 00007ff6a1ef1000-00007ff6a1eb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 53 | 19d0.19d8: 00007ff6a1f28000-00007ff6a1f1efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 54 | 19d0.19d8: 00007ff6a1f31000-00007ff6a1ef7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 55 | 19d0.19d8: 00007ff6a1f6a000-00007ff436623fff 0x0001/0x0000 0x0000000
|
|---|
| 56 | 19d0.19d8: *00007ff90d8b0000-00007ff90d8aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 57 | 19d0.19d8: 00007ff90d8b1000-00007ff90d78bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 58 | 19d0.19d8: 00007ff90d9d6000-00007ff90d9ccfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 59 | 19d0.19d8: 00007ff90d9df000-00007ff90d9d1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 60 | 19d0.19d8: 00007ff90d9ec000-00007ff90d9eafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 61 | 19d0.19d8: 00007ff90d9ed000-00007ff90d9ebfff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 62 | 19d0.19d8: 00007ff90d9ee000-00007ff90d985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 63 | 19d0.19d8: 00007ff90da56000-00007ff21b4cbfff 0x0001/0x0000 0x0000000
|
|---|
| 64 | 19d0.19d8: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 65 | 19d0.19d8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 66 | 19d0.19d8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
|
|---|
| 67 | 1bb0.1900: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
|
|---|
| 68 | 1bb0.1900: Calling main()
|
|---|
| 69 | 1bb0.1900: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
|
|---|
| 70 | 1bb0.1900: System32: \Device\HarddiskVolume3\Windows\System32
|
|---|
| 71 | 1bb0.1900: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
|
|---|
| 72 | 1bb0.1900: ProgDir: \Device\HarddiskVolume3\Program Files
|
|---|
| 73 | 1bb0.1900: ComDir: \Device\HarddiskVolume3\Program Files\Common Files
|
|---|
| 74 | 1bb0.1900: ProgDir32: \Device\HarddiskVolume3\Program Files (x86)
|
|---|
| 75 | 1bb0.1900: ComDir32: \Device\HarddiskVolume3\Program Files (x86)\Common Files
|
|---|
| 76 | 1bb0.1900: supR3HardenedWinInit: Startup delay kludge #2/0: 94 ms, 11 sleeps
|
|---|
| 77 | 1bb0.1900: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
|
|---|
| 78 | 1bb0.1900: *0000000000000000-ffffffffffabffff 0x0001/0x0000 0x0000000
|
|---|
| 79 | 1bb0.1900: *0000000000540000-000000000052ffff 0x0004/0x0004 0x0040000
|
|---|
| 80 | 1bb0.1900: 0000000000550000-000000000053ffff 0x0001/0x0000 0x0000000
|
|---|
| 81 | 1bb0.1900: *0000000000560000-0000000000550fff 0x0002/0x0002 0x0040000
|
|---|
| 82 | 1bb0.1900: 000000000056f000-000000000056dfff 0x0001/0x0000 0x0000000
|
|---|
| 83 | 1bb0.1900: *0000000000570000-0000000000475fff 0x0000/0x0004 0x0020000
|
|---|
| 84 | 1bb0.1900: 000000000066a000-0000000000666fff 0x0104/0x0004 0x0020000
|
|---|
| 85 | 1bb0.1900: 000000000066d000-0000000000669fff 0x0004/0x0004 0x0020000
|
|---|
| 86 | 1bb0.1900: *0000000000670000-000000000066bfff 0x0002/0x0002 0x0040000
|
|---|
| 87 | 1bb0.1900: 0000000000674000-0000000000667fff 0x0001/0x0000 0x0000000
|
|---|
| 88 | 1bb0.1900: *0000000000680000-000000000067dfff 0x0004/0x0004 0x0020000
|
|---|
| 89 | 1bb0.1900: 0000000000682000-0000000000673fff 0x0001/0x0000 0x0000000
|
|---|
| 90 | 1bb0.1900: *0000000000690000-0000000000611fff 0x0002/0x0002 0x0040000
|
|---|
| 91 | 1bb0.1900: 000000000070e000-000000000070bfff 0x0001/0x0000 0x0000000
|
|---|
| 92 | 1bb0.1900: *0000000000710000-000000000070dfff 0x0004/0x0004 0x0020000
|
|---|
| 93 | 1bb0.1900: 0000000000712000-00000000006f9fff 0x0000/0x0004 0x0020000
|
|---|
| 94 | 1bb0.1900: 000000000072a000-00000000006a3fff 0x0001/0x0000 0x0000000
|
|---|
| 95 | 1bb0.1900: *00000000007b0000-0000000000781fff 0x0004/0x0004 0x0020000
|
|---|
| 96 | 1bb0.1900: 00000000007de000-000000000070bfff 0x0000/0x0004 0x0020000
|
|---|
| 97 | 1bb0.1900: *00000000008b0000-00000000008a3fff 0x0000/0x0004 0x0020000
|
|---|
| 98 | 1bb0.1900: 00000000008bc000-0000000000714fff 0x0004/0x0004 0x0020000
|
|---|
| 99 | 1bb0.1900: 0000000000a63000-0000000000a61fff 0x0000/0x0004 0x0020000
|
|---|
| 100 | 1bb0.1900: 0000000000a64000-ffffffff814e7fff 0x0001/0x0000 0x0000000
|
|---|
| 101 | 1bb0.1900: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 102 | 1bb0.1900: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 103 | 1bb0.1900: 000000007fff0000-ffff800a5ee6ffff 0x0001/0x0000 0x0000000
|
|---|
| 104 | 1bb0.1900: *00007ff6a1170000-00007ff6a116afff 0x0002/0x0002 0x0040000
|
|---|
| 105 | 1bb0.1900: 00007ff6a1175000-00007ff6a1079fff 0x0000/0x0002 0x0040000
|
|---|
| 106 | 1bb0.1900: *00007ff6a1270000-00007ff6a123cfff 0x0002/0x0002 0x0040000
|
|---|
| 107 | 1bb0.1900: 00007ff6a12a3000-00007ff6a129afff 0x0001/0x0000 0x0000000
|
|---|
| 108 | 1bb0.1900: *00007ff6a12ab000-00007ff6a12a9fff 0x0004/0x0004 0x0020000
|
|---|
| 109 | 1bb0.1900: 00007ff6a12ac000-00007ff6a12a9fff 0x0001/0x0000 0x0000000
|
|---|
| 110 | 1bb0.1900: *00007ff6a12ae000-00007ff6a12abfff 0x0004/0x0004 0x0020000
|
|---|
| 111 | 1bb0.1900: 00007ff6a12b0000-00007ff6a06effff 0x0001/0x0000 0x0000000
|
|---|
| 112 | 1bb0.1900: *00007ff6a1e70000-00007ff6a1e6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 113 | 1bb0.1900: 00007ff6a1e71000-00007ff6a1df1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 114 | 1bb0.1900: 00007ff6a1ef0000-00007ff6a1eeefff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 115 | 1bb0.1900: 00007ff6a1ef1000-00007ff6a1eb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 116 | 1bb0.1900: 00007ff6a1f28000-00007ff6a1f1efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 117 | 1bb0.1900: 00007ff6a1f31000-00007ff6a1ef7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 118 | 1bb0.1900: 00007ff6a1f6a000-00007ff4391d3fff 0x0001/0x0000 0x0000000
|
|---|
| 119 | 1bb0.1900: *00007ff90ad00000-00007ff90acfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 120 | 1bb0.1900: 00007ff90ad01000-00007ff90ac13fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 121 | 1bb0.1900: 00007ff90adee000-00007ff90adeafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 122 | 1bb0.1900: 00007ff90adf1000-00007ff90adeffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 123 | 1bb0.1900: 00007ff90adf2000-00007ff90add4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 124 | 1bb0.1900: 00007ff90ae0f000-00007ff9084cdfff 0x0001/0x0000 0x0000000
|
|---|
| 125 | 1bb0.1900: *00007ff90d750000-00007ff90d74efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 126 | 1bb0.1900: 00007ff90d751000-00007ff90d63dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 127 | 1bb0.1900: 00007ff90d864000-00007ff90d862fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 128 | 1bb0.1900: 00007ff90d865000-00007ff90d863fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 129 | 1bb0.1900: 00007ff90d866000-00007ff90d841fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 130 | 1bb0.1900: 00007ff90d88a000-00007ff90d863fff 0x0001/0x0000 0x0000000
|
|---|
| 131 | 1bb0.1900: *00007ff90d8b0000-00007ff90d8aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 132 | 1bb0.1900: 00007ff90d8b1000-00007ff90d78bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 133 | 1bb0.1900: 00007ff90d9d6000-00007ff90d9ccfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 134 | 1bb0.1900: 00007ff90d9df000-00007ff90d9d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 135 | 1bb0.1900: 00007ff90d9ed000-00007ff90d9ebfff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 136 | 1bb0.1900: 00007ff90d9ee000-00007ff90d985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 137 | 1bb0.1900: 00007ff90da56000-00007ff21b4cbfff 0x0001/0x0000 0x0000000
|
|---|
| 138 | 1bb0.1900: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 139 | 1bb0.1900: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 140 | 1bb0.1900: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
|
|---|
| 141 | 1bb0.1900: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 142 | 1bb0.1900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
|
|---|
| 143 | 1bb0.1900: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
|
|---|
| 144 | 1bb0.1900: *0000000000000000-ffffffffffabffff 0x0001/0x0000 0x0000000
|
|---|
| 145 | 1bb0.1900: *0000000000540000-000000000052ffff 0x0004/0x0004 0x0040000
|
|---|
| 146 | 1bb0.1900: 0000000000550000-000000000053ffff 0x0001/0x0000 0x0000000
|
|---|
| 147 | 1bb0.1900: *0000000000560000-0000000000550fff 0x0002/0x0002 0x0040000
|
|---|
| 148 | 1bb0.1900: 000000000056f000-000000000056dfff 0x0001/0x0000 0x0000000
|
|---|
| 149 | 1bb0.1900: *0000000000570000-0000000000476fff 0x0000/0x0004 0x0020000
|
|---|
| 150 | 1bb0.1900: 0000000000669000-0000000000665fff 0x0104/0x0004 0x0020000
|
|---|
| 151 | 1bb0.1900: 000000000066c000-0000000000667fff 0x0004/0x0004 0x0020000
|
|---|
| 152 | 1bb0.1900: *0000000000670000-000000000066bfff 0x0002/0x0002 0x0040000
|
|---|
| 153 | 1bb0.1900: 0000000000674000-0000000000667fff 0x0001/0x0000 0x0000000
|
|---|
| 154 | 1bb0.1900: *0000000000680000-000000000067dfff 0x0004/0x0004 0x0020000
|
|---|
| 155 | 1bb0.1900: 0000000000682000-0000000000673fff 0x0001/0x0000 0x0000000
|
|---|
| 156 | 1bb0.1900: *0000000000690000-0000000000611fff 0x0002/0x0002 0x0040000
|
|---|
| 157 | 1bb0.1900: 000000000070e000-000000000070bfff 0x0001/0x0000 0x0000000
|
|---|
| 158 | 1bb0.1900: *0000000000710000-000000000070dfff 0x0004/0x0004 0x0020000
|
|---|
| 159 | 1bb0.1900: 0000000000712000-00000000006f9fff 0x0000/0x0004 0x0020000
|
|---|
| 160 | 1bb0.1900: 000000000072a000-00000000006a3fff 0x0001/0x0000 0x0000000
|
|---|
| 161 | 1bb0.1900: *00000000007b0000-0000000000774fff 0x0004/0x0004 0x0020000
|
|---|
| 162 | 1bb0.1900: 00000000007eb000-00000000007e9fff 0x0000/0x0004 0x0020000
|
|---|
| 163 | 1bb0.1900: 00000000007ec000-00000000007e3fff 0x0004/0x0004 0x0020000
|
|---|
| 164 | 1bb0.1900: 00000000007f4000-00000000007e3fff 0x0000/0x0004 0x0020000
|
|---|
| 165 | 1bb0.1900: 0000000000804000-00000000007f0fff 0x0004/0x0004 0x0020000
|
|---|
| 166 | 1bb0.1900: 0000000000817000-000000000077dfff 0x0000/0x0004 0x0020000
|
|---|
| 167 | 1bb0.1900: *00000000008b0000-00000000008a3fff 0x0000/0x0004 0x0020000
|
|---|
| 168 | 1bb0.1900: 00000000008bc000-0000000000714fff 0x0004/0x0004 0x0020000
|
|---|
| 169 | 1bb0.1900: 0000000000a63000-0000000000a61fff 0x0000/0x0004 0x0020000
|
|---|
| 170 | 1bb0.1900: 0000000000a64000-0000000000a57fff 0x0001/0x0000 0x0000000
|
|---|
| 171 | 1bb0.1900: *0000000000a70000-0000000000970fff 0x0004/0x0004 0x0020000
|
|---|
| 172 | 1bb0.1900: 0000000000b6f000-0000000000b6dfff 0x0000/0x0004 0x0020000
|
|---|
| 173 | 1bb0.1900: *0000000000b70000-0000000000b64fff 0x0000/0x0004 0x0020000
|
|---|
| 174 | 1bb0.1900: 0000000000b7b000-0000000000a3ffff 0x0004/0x0004 0x0020000
|
|---|
| 175 | 1bb0.1900: 0000000000cb6000-0000000000cb4fff 0x0000/0x0004 0x0020000
|
|---|
| 176 | 1bb0.1900: 0000000000cb7000-0000000000cadfff 0x0001/0x0000 0x0000000
|
|---|
| 177 | 1bb0.1900: *0000000000cc0000-0000000000cb6fff 0x0000/0x0004 0x0020000
|
|---|
| 178 | 1bb0.1900: 0000000000cc9000-0000000000bb8fff 0x0004/0x0004 0x0020000
|
|---|
| 179 | 1bb0.1900: 0000000000dd9000-0000000000dd7fff 0x0000/0x0004 0x0020000
|
|---|
| 180 | 1bb0.1900: 0000000000dda000-0000000000dd3fff 0x0001/0x0000 0x0000000
|
|---|
| 181 | 1bb0.1900: *0000000000de0000-0000000000dd9fff 0x0000/0x0004 0x0020000
|
|---|
| 182 | 1bb0.1900: 0000000000de6000-0000000000cd5fff 0x0004/0x0004 0x0020000
|
|---|
| 183 | 1bb0.1900: 0000000000ef6000-0000000000ef4fff 0x0000/0x0004 0x0020000
|
|---|
| 184 | 1bb0.1900: 0000000000ef7000-ffffffff81e0dfff 0x0001/0x0000 0x0000000
|
|---|
| 185 | 1bb0.1900: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 186 | 1bb0.1900: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 187 | 1bb0.1900: 000000007fff0000-ffff800a5ee6ffff 0x0001/0x0000 0x0000000
|
|---|
| 188 | 1bb0.1900: *00007ff6a1170000-00007ff6a116afff 0x0002/0x0002 0x0040000
|
|---|
| 189 | 1bb0.1900: 00007ff6a1175000-00007ff6a1079fff 0x0000/0x0002 0x0040000
|
|---|
| 190 | 1bb0.1900: *00007ff6a1270000-00007ff6a123cfff 0x0002/0x0002 0x0040000
|
|---|
| 191 | 1bb0.1900: 00007ff6a12a3000-00007ff6a129afff 0x0001/0x0000 0x0000000
|
|---|
| 192 | 1bb0.1900: *00007ff6a12ab000-00007ff6a12a9fff 0x0004/0x0004 0x0020000
|
|---|
| 193 | 1bb0.1900: 00007ff6a12ac000-00007ff6a12a9fff 0x0001/0x0000 0x0000000
|
|---|
| 194 | 1bb0.1900: *00007ff6a12ae000-00007ff6a12abfff 0x0004/0x0004 0x0020000
|
|---|
| 195 | 1bb0.1900: 00007ff6a12b0000-00007ff6a06effff 0x0001/0x0000 0x0000000
|
|---|
| 196 | 1bb0.1900: *00007ff6a1e70000-00007ff6a1e6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 197 | 1bb0.1900: 00007ff6a1e71000-00007ff6a1df0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 198 | 1bb0.1900: 00007ff6a1ef1000-00007ff6a1eb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 199 | 1bb0.1900: 00007ff6a1f28000-00007ff6a1f1efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 200 | 1bb0.1900: 00007ff6a1f31000-00007ff6a1ef7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 201 | 1bb0.1900: 00007ff6a1f6a000-00007ff4391d3fff 0x0001/0x0000 0x0000000
|
|---|
| 202 | 1bb0.1900: *00007ff90ad00000-00007ff90acfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 203 | 1bb0.1900: 00007ff90ad01000-00007ff90ac13fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 204 | 1bb0.1900: 00007ff90adee000-00007ff90adeafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 205 | 1bb0.1900: 00007ff90adf1000-00007ff90adeffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 206 | 1bb0.1900: 00007ff90adf2000-00007ff90add4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 207 | 1bb0.1900: 00007ff90ae0f000-00007ff9084cdfff 0x0001/0x0000 0x0000000
|
|---|
| 208 | 1bb0.1900: *00007ff90d750000-00007ff90d74efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 209 | 1bb0.1900: 00007ff90d751000-00007ff90d63dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 210 | 1bb0.1900: 00007ff90d864000-00007ff90d862fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 211 | 1bb0.1900: 00007ff90d865000-00007ff90d863fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 212 | 1bb0.1900: 00007ff90d866000-00007ff90d841fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 213 | 1bb0.1900: 00007ff90d88a000-00007ff90d873fff 0x0001/0x0000 0x0000000
|
|---|
| 214 | 1bb0.1900: *00007ff90d8a0000-00007ff90d89efff 0x0004/0x0004 0x0020000
|
|---|
| 215 | 1bb0.1900: 00007ff90d8a1000-00007ff90d891fff 0x0001/0x0000 0x0000000
|
|---|
| 216 | 1bb0.1900: *00007ff90d8b0000-00007ff90d8aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 217 | 1bb0.1900: 00007ff90d8b1000-00007ff90d78bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 218 | 1bb0.1900: 00007ff90d9d6000-00007ff90d9ccfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 219 | 1bb0.1900: 00007ff90d9df000-00007ff90d9d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 220 | 1bb0.1900: 00007ff90d9ed000-00007ff90d9ebfff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 221 | 1bb0.1900: 00007ff90d9ee000-00007ff90d985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 222 | 1bb0.1900: 00007ff90da56000-00007ff21b4cbfff 0x0001/0x0000 0x0000000
|
|---|
| 223 | 1bb0.1900: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 224 | 1bb0.1900: SUPR3HardenedMain: Respawn #2
|
|---|
| 225 | 1bb0.1900: supR3HardNtEnableThreadCreation:
|
|---|
| 226 | 1bb0.1900: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff90d919c5c pvNtTerminateThread=00007ff90d941ba0
|
|---|
| 227 | 1bb0.1900: supR3HardenedWinDoReSpawn(2): New child 1a18.fa0 [kernel32].
|
|---|
| 228 | 1bb0.1900: supR3HardenedWinPurifyChild: PebBaseAddress=00007ff6a1397000 cbPeb=0x388
|
|---|
| 229 | 1bb0.1900: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff90d8b0000 uNtDllChildAddr=00007ff90d8b0000
|
|---|
| 230 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=00007ff90d919c5c uNtTerminateThread=00007ff90d941ba0
|
|---|
| 231 | 1bb0.1900: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff90d919c5c pvNtTerminateThread=00007ff90d941ba0
|
|---|
| 232 | 1bb0.1900: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
|
|---|
| 233 | 1bb0.1900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
|
|---|
| 234 | 1bb0.1900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 235 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
|
|---|
| 236 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000a40000 LB 0x1a6000
|
|---|
| 237 | 1bb0.1900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
|
|---|
| 238 | 1bb0.1900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 239 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
|
|---|
| 240 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 00007ff90d750000 LB 0x13a000
|
|---|
| 241 | 1bb0.1900: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
|
|---|
| 242 | 1bb0.1900: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 243 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
|
|---|
| 244 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 00007ff90ad00000 LB 0x10f000
|
|---|
| 245 | 1bb0.1900: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 16 ms
|
|---|
| 246 | 1bb0.1900: supR3HardNtEnableThreadCreation:
|
|---|
| 247 | 1bb0.1900: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
|
|---|
| 248 | 1bb0.1900: *0000000000000000-ffffffffff70ffff 0x0001/0x0000 0x0000000
|
|---|
| 249 | 1bb0.1900: *00000000008f0000-00000000008cffff 0x0004/0x0004 0x0020000
|
|---|
| 250 | 1bb0.1900: *0000000000910000-0000000000900fff 0x0002/0x0002 0x0040000
|
|---|
| 251 | 1bb0.1900: 000000000091f000-000000000091dfff 0x0001/0x0000 0x0000000
|
|---|
| 252 | 1bb0.1900: *0000000000920000-0000000000823fff 0x0000/0x0004 0x0020000
|
|---|
| 253 | 1bb0.1900: 0000000000a1c000-0000000000a18fff 0x0104/0x0004 0x0020000
|
|---|
| 254 | 1bb0.1900: 0000000000a1f000-0000000000a1dfff 0x0004/0x0004 0x0020000
|
|---|
| 255 | 1bb0.1900: *0000000000a20000-0000000000a1bfff 0x0002/0x0002 0x0040000
|
|---|
| 256 | 1bb0.1900: 0000000000a24000-0000000000a17fff 0x0001/0x0000 0x0000000
|
|---|
| 257 | 1bb0.1900: *0000000000a30000-0000000000a2dfff 0x0004/0x0004 0x0020000
|
|---|
| 258 | 1bb0.1900: 0000000000a32000-ffffffff81483fff 0x0001/0x0000 0x0000000
|
|---|
| 259 | 1bb0.1900: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 260 | 1bb0.1900: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 261 | 1bb0.1900: 000000007fff0000-ffff800a5ec7ffff 0x0001/0x0000 0x0000000
|
|---|
| 262 | 1bb0.1900: *00007ff6a1360000-00007ff6a132cfff 0x0002/0x0002 0x0040000
|
|---|
| 263 | 1bb0.1900: 00007ff6a1393000-00007ff6a138efff 0x0001/0x0000 0x0000000
|
|---|
| 264 | 1bb0.1900: *00007ff6a1397000-00007ff6a1395fff 0x0004/0x0004 0x0020000
|
|---|
| 265 | 1bb0.1900: 00007ff6a1398000-00007ff6a1391fff 0x0001/0x0000 0x0000000
|
|---|
| 266 | 1bb0.1900: *00007ff6a139e000-00007ff6a139bfff 0x0004/0x0004 0x0020000
|
|---|
| 267 | 1bb0.1900: 00007ff6a13a0000-00007ff6a08cffff 0x0001/0x0000 0x0000000
|
|---|
| 268 | 1bb0.1900: *00007ff6a1e70000-00007ff6a1e6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 269 | 1bb0.1900: 00007ff6a1e71000-00007ff6a1df1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 270 | 1bb0.1900: 00007ff6a1ef0000-00007ff6a1eeefff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 271 | 1bb0.1900: 00007ff6a1ef1000-00007ff6a1eb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 272 | 1bb0.1900: 00007ff6a1f28000-00007ff6a1f1efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 273 | 1bb0.1900: 00007ff6a1f31000-00007ff6a1ef7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 274 | 1bb0.1900: 00007ff6a1f6a000-00007ff436623fff 0x0001/0x0000 0x0000000
|
|---|
| 275 | 1bb0.1900: *00007ff90d8b0000-00007ff90d8aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 276 | 1bb0.1900: 00007ff90d8b1000-00007ff90d78bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 277 | 1bb0.1900: 00007ff90d9d6000-00007ff90d9ccfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 278 | 1bb0.1900: 00007ff90d9df000-00007ff90d9d1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 279 | 1bb0.1900: 00007ff90d9ec000-00007ff90d9eafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 280 | 1bb0.1900: 00007ff90d9ed000-00007ff90d9ebfff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 281 | 1bb0.1900: 00007ff90d9ee000-00007ff90d985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 282 | 1bb0.1900: 00007ff90da56000-00007ff21b4cbfff 0x0001/0x0000 0x0000000
|
|---|
| 283 | 1bb0.1900: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 284 | 1a18.fa0: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
|
|---|
| 285 | 1a18.fa0: Calling main()
|
|---|
| 286 | 1a18.fa0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
|
|---|
| 287 | 1a18.fa0: System32: \Device\HarddiskVolume3\Windows\System32
|
|---|
| 288 | 1a18.fa0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
|
|---|
| 289 | 1a18.fa0: ProgDir: \Device\HarddiskVolume3\Program Files
|
|---|
| 290 | 1a18.fa0: ComDir: \Device\HarddiskVolume3\Program Files\Common Files
|
|---|
| 291 | 1a18.fa0: ProgDir32: \Device\HarddiskVolume3\Program Files (x86)
|
|---|
| 292 | 1a18.fa0: ComDir32: \Device\HarddiskVolume3\Program Files (x86)\Common Files
|
|---|
| 293 | 1a18.fa0: supR3HardenedWinInit: Startup delay kludge #2/0: 94 ms, 12 sleeps
|
|---|
| 294 | 1a18.fa0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
|
|---|
| 295 | 1a18.fa0: *0000000000000000-ffffffffff70ffff 0x0001/0x0000 0x0000000
|
|---|
| 296 | 1a18.fa0: *00000000008f0000-00000000008dffff 0x0004/0x0004 0x0040000
|
|---|
| 297 | 1a18.fa0: 0000000000900000-00000000008effff 0x0001/0x0000 0x0000000
|
|---|
| 298 | 1a18.fa0: *0000000000910000-0000000000900fff 0x0002/0x0002 0x0040000
|
|---|
| 299 | 1a18.fa0: 000000000091f000-000000000091dfff 0x0001/0x0000 0x0000000
|
|---|
| 300 | 1a18.fa0: *0000000000920000-0000000000824fff 0x0000/0x0004 0x0020000
|
|---|
| 301 | 1a18.fa0: 0000000000a1b000-0000000000a17fff 0x0104/0x0004 0x0020000
|
|---|
| 302 | 1a18.fa0: 0000000000a1e000-0000000000a1bfff 0x0004/0x0004 0x0020000
|
|---|
| 303 | 1a18.fa0: *0000000000a20000-0000000000a1bfff 0x0002/0x0002 0x0040000
|
|---|
| 304 | 1a18.fa0: 0000000000a24000-0000000000a17fff 0x0001/0x0000 0x0000000
|
|---|
| 305 | 1a18.fa0: *0000000000a30000-0000000000a2dfff 0x0004/0x0004 0x0020000
|
|---|
| 306 | 1a18.fa0: 0000000000a32000-0000000000a23fff 0x0001/0x0000 0x0000000
|
|---|
| 307 | 1a18.fa0: *0000000000a40000-00000000009c1fff 0x0002/0x0002 0x0040000
|
|---|
| 308 | 1a18.fa0: 0000000000abe000-0000000000abbfff 0x0001/0x0000 0x0000000
|
|---|
| 309 | 1a18.fa0: *0000000000ac0000-0000000000abdfff 0x0004/0x0004 0x0020000
|
|---|
| 310 | 1a18.fa0: 0000000000ac2000-0000000000aa9fff 0x0000/0x0004 0x0020000
|
|---|
| 311 | 1a18.fa0: 0000000000ada000-00000000009a3fff 0x0001/0x0000 0x0000000
|
|---|
| 312 | 1a18.fa0: *0000000000c10000-0000000000be1fff 0x0004/0x0004 0x0020000
|
|---|
| 313 | 1a18.fa0: 0000000000c3e000-0000000000b6bfff 0x0000/0x0004 0x0020000
|
|---|
| 314 | 1a18.fa0: *0000000000d10000-0000000000d0bfff 0x0000/0x0004 0x0020000
|
|---|
| 315 | 1a18.fa0: 0000000000d14000-0000000000b6cfff 0x0004/0x0004 0x0020000
|
|---|
| 316 | 1a18.fa0: 0000000000ebb000-0000000000eb9fff 0x0000/0x0004 0x0020000
|
|---|
| 317 | 1a18.fa0: 0000000000ebc000-ffffffff81d97fff 0x0001/0x0000 0x0000000
|
|---|
| 318 | 1a18.fa0: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 319 | 1a18.fa0: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 320 | 1a18.fa0: 000000007fff0000-ffff800a5ed7ffff 0x0001/0x0000 0x0000000
|
|---|
| 321 | 1a18.fa0: *00007ff6a1260000-00007ff6a125afff 0x0002/0x0002 0x0040000
|
|---|
| 322 | 1a18.fa0: 00007ff6a1265000-00007ff6a1169fff 0x0000/0x0002 0x0040000
|
|---|
| 323 | 1a18.fa0: *00007ff6a1360000-00007ff6a132cfff 0x0002/0x0002 0x0040000
|
|---|
| 324 | 1a18.fa0: 00007ff6a1393000-00007ff6a138efff 0x0001/0x0000 0x0000000
|
|---|
| 325 | 1a18.fa0: *00007ff6a1397000-00007ff6a1395fff 0x0004/0x0004 0x0020000
|
|---|
| 326 | 1a18.fa0: 00007ff6a1398000-00007ff6a1391fff 0x0001/0x0000 0x0000000
|
|---|
| 327 | 1a18.fa0: *00007ff6a139e000-00007ff6a139bfff 0x0004/0x0004 0x0020000
|
|---|
| 328 | 1a18.fa0: 00007ff6a13a0000-00007ff6a08cffff 0x0001/0x0000 0x0000000
|
|---|
| 329 | 1a18.fa0: *00007ff6a1e70000-00007ff6a1e6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 330 | 1a18.fa0: 00007ff6a1e71000-00007ff6a1df1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 331 | 1a18.fa0: 00007ff6a1ef0000-00007ff6a1eeefff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 332 | 1a18.fa0: 00007ff6a1ef1000-00007ff6a1eb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 333 | 1a18.fa0: 00007ff6a1f28000-00007ff6a1f1efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 334 | 1a18.fa0: 00007ff6a1f31000-00007ff6a1ef7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 335 | 1a18.fa0: 00007ff6a1f6a000-00007ff4391d3fff 0x0001/0x0000 0x0000000
|
|---|
| 336 | 1a18.fa0: *00007ff90ad00000-00007ff90acfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 337 | 1a18.fa0: 00007ff90ad01000-00007ff90ac13fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 338 | 1a18.fa0: 00007ff90adee000-00007ff90adeafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 339 | 1a18.fa0: 00007ff90adf1000-00007ff90adeffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 340 | 1a18.fa0: 00007ff90adf2000-00007ff90add4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 341 | 1a18.fa0: 00007ff90ae0f000-00007ff9084cdfff 0x0001/0x0000 0x0000000
|
|---|
| 342 | 1a18.fa0: *00007ff90d750000-00007ff90d74efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 343 | 1a18.fa0: 00007ff90d751000-00007ff90d63dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 344 | 1a18.fa0: 00007ff90d864000-00007ff90d862fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 345 | 1a18.fa0: 00007ff90d865000-00007ff90d863fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 346 | 1a18.fa0: 00007ff90d866000-00007ff90d841fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 347 | 1a18.fa0: 00007ff90d88a000-00007ff90d863fff 0x0001/0x0000 0x0000000
|
|---|
| 348 | 1a18.fa0: *00007ff90d8b0000-00007ff90d8aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 349 | 1a18.fa0: 00007ff90d8b1000-00007ff90d78bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 350 | 1a18.fa0: 00007ff90d9d6000-00007ff90d9ccfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 351 | 1a18.fa0: 00007ff90d9df000-00007ff90d9d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 352 | 1a18.fa0: 00007ff90d9ed000-00007ff90d9ebfff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 353 | 1a18.fa0: 00007ff90d9ee000-00007ff90d985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 354 | 1a18.fa0: 00007ff90da56000-00007ff21b4cbfff 0x0001/0x0000 0x0000000
|
|---|
| 355 | 1a18.fa0: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 356 | 1a18.fa0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 357 | 1a18.fa0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
|
|---|
| 358 | 1a18.fa0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
|
|---|
| 359 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
|
|---|
| 360 | 1a18.fa0: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
|
|---|
| 361 | 1a18.fa0: *0000000000000000-ffffffffff70ffff 0x0001/0x0000 0x0000000
|
|---|
| 362 | 1a18.fa0: *00000000008f0000-00000000008dffff 0x0004/0x0004 0x0040000
|
|---|
| 363 | 1a18.fa0: 0000000000900000-00000000008effff 0x0001/0x0000 0x0000000
|
|---|
| 364 | 1a18.fa0: *0000000000910000-0000000000900fff 0x0002/0x0002 0x0040000
|
|---|
| 365 | 1a18.fa0: 000000000091f000-000000000091dfff 0x0001/0x0000 0x0000000
|
|---|
| 366 | 1a18.fa0: *0000000000920000-0000000000826fff 0x0000/0x0004 0x0020000
|
|---|
| 367 | 1a18.fa0: 0000000000a19000-0000000000a15fff 0x0104/0x0004 0x0020000
|
|---|
| 368 | 1a18.fa0: 0000000000a1c000-0000000000a17fff 0x0004/0x0004 0x0020000
|
|---|
| 369 | 1a18.fa0: *0000000000a20000-0000000000a1bfff 0x0002/0x0002 0x0040000
|
|---|
| 370 | 1a18.fa0: 0000000000a24000-0000000000a17fff 0x0001/0x0000 0x0000000
|
|---|
| 371 | 1a18.fa0: *0000000000a30000-0000000000a2dfff 0x0004/0x0004 0x0020000
|
|---|
| 372 | 1a18.fa0: 0000000000a32000-0000000000a23fff 0x0001/0x0000 0x0000000
|
|---|
| 373 | 1a18.fa0: *0000000000a40000-00000000009c1fff 0x0002/0x0002 0x0040000
|
|---|
| 374 | 1a18.fa0: 0000000000abe000-0000000000abbfff 0x0001/0x0000 0x0000000
|
|---|
| 375 | 1a18.fa0: *0000000000ac0000-0000000000abdfff 0x0004/0x0004 0x0020000
|
|---|
| 376 | 1a18.fa0: 0000000000ac2000-0000000000aa9fff 0x0000/0x0004 0x0020000
|
|---|
| 377 | 1a18.fa0: 0000000000ada000-0000000000ad3fff 0x0001/0x0000 0x0000000
|
|---|
| 378 | 1a18.fa0: *0000000000ae0000-00000000009e0fff 0x0004/0x0004 0x0020000
|
|---|
| 379 | 1a18.fa0: 0000000000bdf000-0000000000bddfff 0x0000/0x0004 0x0020000
|
|---|
| 380 | 1a18.fa0: 0000000000be0000-0000000000baffff 0x0001/0x0000 0x0000000
|
|---|
| 381 | 1a18.fa0: *0000000000c10000-0000000000bd4fff 0x0004/0x0004 0x0020000
|
|---|
| 382 | 1a18.fa0: 0000000000c4b000-0000000000c49fff 0x0000/0x0004 0x0020000
|
|---|
| 383 | 1a18.fa0: 0000000000c4c000-0000000000c43fff 0x0004/0x0004 0x0020000
|
|---|
| 384 | 1a18.fa0: 0000000000c54000-0000000000c43fff 0x0000/0x0004 0x0020000
|
|---|
| 385 | 1a18.fa0: 0000000000c64000-0000000000c50fff 0x0004/0x0004 0x0020000
|
|---|
| 386 | 1a18.fa0: 0000000000c77000-0000000000bddfff 0x0000/0x0004 0x0020000
|
|---|
| 387 | 1a18.fa0: *0000000000d10000-0000000000d0bfff 0x0000/0x0004 0x0020000
|
|---|
| 388 | 1a18.fa0: 0000000000d14000-0000000000b6cfff 0x0004/0x0004 0x0020000
|
|---|
| 389 | 1a18.fa0: 0000000000ebb000-0000000000eb9fff 0x0000/0x0004 0x0020000
|
|---|
| 390 | 1a18.fa0: 0000000000ebc000-0000000000eb7fff 0x0001/0x0000 0x0000000
|
|---|
| 391 | 1a18.fa0: *0000000000ec0000-0000000000eb9fff 0x0000/0x0004 0x0020000
|
|---|
| 392 | 1a18.fa0: 0000000000ec6000-0000000000d8afff 0x0004/0x0004 0x0020000
|
|---|
| 393 | 1a18.fa0: 0000000001001000-0000000000ffffff 0x0000/0x0004 0x0020000
|
|---|
| 394 | 1a18.fa0: 0000000001002000-0000000000ff3fff 0x0001/0x0000 0x0000000
|
|---|
| 395 | 1a18.fa0: *0000000001010000-0000000001009fff 0x0000/0x0004 0x0020000
|
|---|
| 396 | 1a18.fa0: 0000000001016000-0000000000f05fff 0x0004/0x0004 0x0020000
|
|---|
| 397 | 1a18.fa0: 0000000001126000-0000000001124fff 0x0000/0x0004 0x0020000
|
|---|
| 398 | 1a18.fa0: 0000000001127000-000000000111dfff 0x0001/0x0000 0x0000000
|
|---|
| 399 | 1a18.fa0: *0000000001130000-0000000001122fff 0x0000/0x0004 0x0020000
|
|---|
| 400 | 1a18.fa0: 000000000113d000-000000000102cfff 0x0004/0x0004 0x0020000
|
|---|
| 401 | 1a18.fa0: 000000000124d000-000000000124bfff 0x0000/0x0004 0x0020000
|
|---|
| 402 | 1a18.fa0: 000000000124e000-ffffffff824bbfff 0x0001/0x0000 0x0000000
|
|---|
| 403 | 1a18.fa0: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
|
|---|
| 404 | 1a18.fa0: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
|
|---|
| 405 | 1a18.fa0: 000000007fff0000-ffff800a5ed7ffff 0x0001/0x0000 0x0000000
|
|---|
| 406 | 1a18.fa0: *00007ff6a1260000-00007ff6a125afff 0x0002/0x0002 0x0040000
|
|---|
| 407 | 1a18.fa0: 00007ff6a1265000-00007ff6a1169fff 0x0000/0x0002 0x0040000
|
|---|
| 408 | 1a18.fa0: *00007ff6a1360000-00007ff6a132cfff 0x0002/0x0002 0x0040000
|
|---|
| 409 | 1a18.fa0: 00007ff6a1393000-00007ff6a138efff 0x0001/0x0000 0x0000000
|
|---|
| 410 | 1a18.fa0: *00007ff6a1397000-00007ff6a1395fff 0x0004/0x0004 0x0020000
|
|---|
| 411 | 1a18.fa0: 00007ff6a1398000-00007ff6a1391fff 0x0001/0x0000 0x0000000
|
|---|
| 412 | 1a18.fa0: *00007ff6a139e000-00007ff6a139bfff 0x0004/0x0004 0x0020000
|
|---|
| 413 | 1a18.fa0: 00007ff6a13a0000-00007ff6a08cffff 0x0001/0x0000 0x0000000
|
|---|
| 414 | 1a18.fa0: *00007ff6a1e70000-00007ff6a1e6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 415 | 1a18.fa0: 00007ff6a1e71000-00007ff6a1df0fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 416 | 1a18.fa0: 00007ff6a1ef1000-00007ff6a1eb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 417 | 1a18.fa0: 00007ff6a1f28000-00007ff6a1f1efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 418 | 1a18.fa0: 00007ff6a1f31000-00007ff6a1ef7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
|
|---|
| 419 | 1a18.fa0: 00007ff6a1f6a000-00007ff4391d3fff 0x0001/0x0000 0x0000000
|
|---|
| 420 | 1a18.fa0: *00007ff90ad00000-00007ff90acfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 421 | 1a18.fa0: 00007ff90ad01000-00007ff90ac13fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 422 | 1a18.fa0: 00007ff90adee000-00007ff90adeafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 423 | 1a18.fa0: 00007ff90adf1000-00007ff90adeffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 424 | 1a18.fa0: 00007ff90adf2000-00007ff90add4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
|
|---|
| 425 | 1a18.fa0: 00007ff90ae0f000-00007ff9084cdfff 0x0001/0x0000 0x0000000
|
|---|
| 426 | 1a18.fa0: *00007ff90d750000-00007ff90d74efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 427 | 1a18.fa0: 00007ff90d751000-00007ff90d63dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 428 | 1a18.fa0: 00007ff90d864000-00007ff90d862fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 429 | 1a18.fa0: 00007ff90d865000-00007ff90d863fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 430 | 1a18.fa0: 00007ff90d866000-00007ff90d841fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 431 | 1a18.fa0: 00007ff90d88a000-00007ff90d873fff 0x0001/0x0000 0x0000000
|
|---|
| 432 | 1a18.fa0: *00007ff90d8a0000-00007ff90d89efff 0x0004/0x0004 0x0020000
|
|---|
| 433 | 1a18.fa0: 00007ff90d8a1000-00007ff90d891fff 0x0001/0x0000 0x0000000
|
|---|
| 434 | 1a18.fa0: *00007ff90d8b0000-00007ff90d8aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 435 | 1a18.fa0: 00007ff90d8b1000-00007ff90d78bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 436 | 1a18.fa0: 00007ff90d9d6000-00007ff90d9ccfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 437 | 1a18.fa0: 00007ff90d9df000-00007ff90d9d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 438 | 1a18.fa0: 00007ff90d9ed000-00007ff90d9ebfff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 439 | 1a18.fa0: 00007ff90d9ee000-00007ff90d985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
|
|---|
| 440 | 1a18.fa0: 00007ff90da56000-00007ff21b4cbfff 0x0001/0x0000 0x0000000
|
|---|
| 441 | 1a18.fa0: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
|
|---|
| 442 | 1a18.fa0: SUPR3HardenedMain: Final process, opening VBoxDrv...
|
|---|
| 443 | 1a18.fa0: supR3HardNtEnableThreadCreation:
|
|---|
| 444 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags>
|
|---|
| 445 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
|
|---|
| 446 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
|
|---|
| 447 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
|
|---|
| 448 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 449 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
|
|---|
| 450 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fea10000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
|
|---|
| 451 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 452 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
|
|---|
| 453 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fea10000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
|
|---|
| 454 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fea10000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
|
|---|
| 455 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags>
|
|---|
| 456 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 457 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'crypt32.dll'.
|
|---|
| 458 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'msasn1.dll'.
|
|---|
| 459 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
|
|---|
| 460 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
|
|---|
| 461 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
|
|---|
| 462 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 463 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 464 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
|
|---|
| 465 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 466 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
|
|---|
| 467 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
|
|---|
| 468 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
|
|---|
| 469 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
|
|---|
| 470 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
|
|---|
| 471 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
|
|---|
| 472 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 473 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msasn1.dll'.
|
|---|
| 474 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
|
|---|
| 475 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 476 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 477 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 478 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
|
|---|
| 479 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 480 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
|
|---|
| 481 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
|
|---|
| 482 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
|
|---|
| 483 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 484 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 485 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 486 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 487 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\system32\Wintrust.dll'
|
|---|
| 488 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 489 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 490 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 491 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 492 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 493 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 494 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 495 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 496 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 497 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 498 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 499 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 500 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 501 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 502 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 503 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 504 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 505 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 506 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 507 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 508 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 509 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
|
|---|
| 510 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
|
|---|
| 511 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 512 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
|
|---|
| 513 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
|
|---|
| 514 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 515 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
|
|---|
| 516 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
|
|---|
| 517 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
|
|---|
| 518 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
|
|---|
| 519 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 520 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
|
|---|
| 521 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 522 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
|
|---|
| 523 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
|
|---|
| 524 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
|
|---|
| 525 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
|
|---|
| 526 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
|
|---|
| 527 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 528 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\Windows\system32\kernel32.dll' [rcNt=0xc0150008]
|
|---|
| 529 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
|
|---|
| 530 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 531 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
|
|---|
| 532 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
|
|---|
| 533 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
|
|---|
| 534 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d750000 'C:\Windows\system32\kernel32.dll'
|
|---|
| 535 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 536 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 537 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 538 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 539 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
|
|---|
| 540 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\CRYPT32.dll'
|
|---|
| 541 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 542 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 543 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 544 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'bcrypt.dll'.
|
|---|
| 545 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ntasn1.dll'.
|
|---|
| 546 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ncrypt.dll)
|
|---|
| 547 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ncrypt.dll
|
|---|
| 548 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntasn1.dll)
|
|---|
| 549 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntasn1.dll
|
|---|
| 550 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 551 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
|
|---|
| 552 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntasn1.dll'...
|
|---|
| 553 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\ntasn1.dll'
|
|---|
| 554 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
|
|---|
| 555 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
|
|---|
| 556 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
|
|---|
| 557 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
|
|---|
| 558 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ab10000 'C:\Windows\system32\bcryptprimitives.dll'
|
|---|
| 559 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 560 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
|
|---|
| 561 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
|
|---|
| 562 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 563 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
|
|---|
| 564 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
|
|---|
| 565 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
|
|---|
| 566 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
|
|---|
| 567 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
|
|---|
| 568 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 569 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
|
|---|
| 570 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 571 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'crypt32.dll'.
|
|---|
| 572 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'wldap32.dll'.
|
|---|
| 573 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
|
|---|
| 574 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
|
|---|
| 575 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
|
|---|
| 576 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldap32.dll'
|
|---|
| 577 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 578 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\Wldap32.dll)
|
|---|
| 579 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Wldap32.dll
|
|---|
| 580 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
|
|---|
| 581 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
|
|---|
| 582 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
|
|---|
| 583 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 584 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 585 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 586 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 587 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 588 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 589 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 590 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 591 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 592 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 593 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 594 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 595 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 596 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 597 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 598 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 599 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 600 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 601 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 602 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 603 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 604 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 605 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 606 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 607 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 608 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 609 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 610 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 611 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 612 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 613 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 614 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 615 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 616 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 617 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 618 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 619 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 620 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 621 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 622 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 623 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 624 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 625 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 626 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 627 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 628 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 629 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 630 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 631 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 632 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\system32\cryptnet.dll'
|
|---|
| 633 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 634 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
|
|---|
| 635 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\System32\cryptnet.dll'
|
|---|
| 636 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 637 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
|
|---|
| 638 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
|
|---|
| 639 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
|
|---|
| 640 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 641 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 642 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 643 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 644 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 645 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 646 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
|
|---|
| 647 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
|
|---|
| 648 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
|
|---|
| 649 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 650 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 651 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
|
|---|
| 652 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 653 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 654 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 655 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
|
|---|
| 656 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 657 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
|
|---|
| 658 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b9b990
|
|---|
| 659 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 660 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7F4DBD57735AA8D272712E3B59634C9F87BD4711
|
|---|
| 661 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=rpcrt4.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 662 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'rpcrt4.dll' -> 'C:\Windows\system32\rpcrt4.dll' [rcNt=0xc0150008]
|
|---|
| 663 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
|
|---|
| 664 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b7f0000 'C:\Windows\system32\rpcrt4.dll'
|
|---|
| 665 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 666 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 667 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 668 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 669 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 670 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 671 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 672 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 673 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 674 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 675 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 676 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 677 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 678 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 679 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 680 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 681 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 682 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 683 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 684 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
|
|---|
| 685 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 686 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 687 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 688 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 689 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 690 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 691 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
|
|---|
| 692 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 693 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_58_for_KB2984006~31bf3856ad364e35~amd64~~6.3.1.4.cat'; file='\SystemRoot\System32\ntdll.dll'
|
|---|
| 694 | 1a18.fa0: g_pfnWinVerifyTrust=00007ff90b041040
|
|---|
| 695 | 1a18.fa0: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
|
|---|
| 696 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 697 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 698 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 699 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 700 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 701 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
|
|---|
| 702 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 703 | 1a18.fa0: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
|
|---|
| 704 | 1a18.fa0: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
|
|---|
| 705 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 706 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 707 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 708 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 709 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 710 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 711 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 712 | 1a18.fa0: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
|
|---|
| 713 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 714 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 715 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 716 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 717 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 718 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 719 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 720 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 721 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000370 pwszName=\Device\HarddiskVolume3\Windows\System32\Wldap32.dll
|
|---|
| 722 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 723 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 724 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A08496AE026B14E832621417F248DDCAECD22079
|
|---|
| 725 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 726 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 727 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 728 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 729 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 730 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 731 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 732 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_76_for_KB2984006~31bf3856ad364e35~amd64~~6.3.1.4.cat'; file='\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
|
|---|
| 733 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 734 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
|
|---|
| 735 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000036c pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
|
|---|
| 736 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 737 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 738 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0315578F0B76A9760FEA2715053C51E46A277B04
|
|---|
| 739 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 740 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 741 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 742 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 743 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 744 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 745 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 746 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-DS-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
|
|---|
| 747 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 748 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
|
|---|
| 749 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 750 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 751 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 752 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 753 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 754 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 755 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 756 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
|
|---|
| 757 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 758 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 759 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 760 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 761 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 762 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 763 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 764 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
|
|---|
| 765 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 766 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 767 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 768 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 769 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 770 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 771 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 772 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
|
|---|
| 773 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 774 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 775 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 776 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 777 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 778 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 779 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 780 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ntasn1.dll'
|
|---|
| 781 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 782 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 783 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 784 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 785 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 786 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 787 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 788 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ncrypt.dll'
|
|---|
| 789 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 790 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 791 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 792 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 793 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 794 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 795 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 796 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
|
|---|
| 797 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 798 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 799 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 800 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 801 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 802 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 803 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 804 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
|
|---|
| 805 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 806 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 807 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 808 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 809 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 810 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 811 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 812 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
|
|---|
| 813 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 814 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 815 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 816 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 817 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 818 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 819 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 820 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
|
|---|
| 821 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 822 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
|
|---|
| 823 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 824 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 825 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 826 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 827 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 828 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
|
|---|
| 829 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 830 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 831 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 832 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 833 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 834 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 835 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 836 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
|
|---|
| 837 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 838 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 839 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 840 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 841 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 842 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 843 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 844 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 845 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 846 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 847 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 848 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 849 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 850 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 851 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 852 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
|
|---|
| 853 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 854 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 855 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 856 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 857 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 858 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 859 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 860 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 861 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 862 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 863 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 864 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
|
|---|
| 865 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags>
|
|---|
| 866 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 867 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 868 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
|
|---|
| 869 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
|
|---|
| 870 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
|
|---|
| 871 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
|
|---|
| 872 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
|
|---|
| 873 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
|
|---|
| 874 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x6e1ee6086d95d900 CN=Dennis5
|
|---|
| 875 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
|
|---|
| 876 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
|
|---|
| 877 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x75a2ccecb8259a00 C=TW, O=Government Root Certification Authority
|
|---|
| 878 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x91e3728b8b40d000 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority
|
|---|
| 879 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
|
|---|
| 880 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
|
|---|
| 881 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
|
|---|
| 882 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x266e9b638ffac00 C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1
|
|---|
| 883 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
|
|---|
| 884 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
|
|---|
| 885 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
|
|---|
| 886 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
|
|---|
| 887 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
|
|---|
| 888 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
|
|---|
| 889 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
|
|---|
| 890 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
|
|---|
| 891 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
|
|---|
| 892 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
|
|---|
| 893 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
|
|---|
| 894 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
|
|---|
| 895 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
|
|---|
| 896 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
|
|---|
| 897 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
|
|---|
| 898 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
|
|---|
| 899 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
|
|---|
| 900 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x6e2ba21058eedf00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN - DATACorp SGC
|
|---|
| 901 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
|
|---|
| 902 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
|
|---|
| 903 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
|
|---|
| 904 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
|
|---|
| 905 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
|
|---|
| 906 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
|
|---|
| 907 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
|
|---|
| 908 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
|
|---|
| 909 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
|
|---|
| 910 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
|
|---|
| 911 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
|
|---|
| 912 | 1a18.fa0: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
|
|---|
| 913 | 1a18.fa0: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=45
|
|---|
| 914 | 1a18.fa0: SUPR3HardenedMain: Load Runtime...
|
|---|
| 915 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags>
|
|---|
| 916 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 917 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 918 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 919 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 920 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
|
|---|
| 921 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
|
|---|
| 922 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
|
|---|
| 923 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
|
|---|
| 924 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 925 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 926 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 927 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 928 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 929 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 930 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 931 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 932 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 933 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 934 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 935 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 936 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 937 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'nsi.dll'.
|
|---|
| 938 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
|
|---|
| 939 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll)WinVerifyTrust
|
|---|
| 940 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 941 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 942 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 943 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 944 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 945 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 946 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 947 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 948 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
|
|---|
| 949 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
|
|---|
| 950 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\nsi.dll'.
|
|---|
| 951 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
|
|---|
| 952 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
|
|---|
| 953 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 954 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 955 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
|
|---|
| 956 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 957 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 958 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 959 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 960 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 961 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 962 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 963 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
|
|---|
| 964 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
|
|---|
| 965 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 966 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 967 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
|
|---|
| 968 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 969 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
|
|---|
| 970 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 971 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 972 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 973 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 974 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 975 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 976 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 977 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 978 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 979 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 980 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 981 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 982 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
|
|---|
| 983 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 984 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 985 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 986 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 987 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 988 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 989 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 990 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 991 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 992 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 993 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 994 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 995 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 996 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 997 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 998 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 999 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1000 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1001 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1002 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1003 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1004 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1005 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1006 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1007 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1008 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1009 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1010 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1011 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1012 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1013 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1014 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1015 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1016 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1017 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1018 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1019 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1020 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1021 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1022 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1023 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1024 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1025 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1026 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1027 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1028 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1029 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1030 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1031 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1032 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1033 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1034 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1035 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1036 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1037 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1038 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1039 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1040 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1041 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1042 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1043 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1044 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1045 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1046 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1047 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1048 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1049 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1050 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1051 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1052 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1053 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1054 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1055 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1056 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1057 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1058 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1059 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1060 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1061 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1062 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1063 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1064 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1065 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1066 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1067 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1068 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1069 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1070 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1071 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1072 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1073 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1074 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1075 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1076 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1077 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1078 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1079 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dfdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
|
|---|
| 1080 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags>
|
|---|
| 1081 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
|
|---|
| 1082 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\system32\Wintrust.dll'
|
|---|
| 1083 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1084 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1085 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1086 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1087 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1088 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1089 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1090 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1091 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1092 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1093 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1094 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1095 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1096 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1097 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags>
|
|---|
| 1098 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1099 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1100 | 1a18.fa0: SUPR3HardenedMain: Load TrustedMain...
|
|---|
| 1101 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags>
|
|---|
| 1102 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1103 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1104 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1105 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
|
|---|
| 1106 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
|
|---|
| 1107 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
|
|---|
| 1108 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
|
|---|
| 1109 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
|
|---|
| 1110 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
|
|---|
| 1111 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
|
|---|
| 1112 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
|
|---|
| 1113 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
|
|---|
| 1114 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
|
|---|
| 1115 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
|
|---|
| 1116 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
|
|---|
| 1117 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
|
|---|
| 1118 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
|
|---|
| 1119 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
|
|---|
| 1120 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
|
|---|
| 1121 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
|
|---|
| 1122 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
|
|---|
| 1123 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 1124 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll'
|
|---|
| 1125 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1126 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1127 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1128 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1129 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1130 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1131 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1132 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
|
|---|
| 1133 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
|
|---|
| 1134 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'user32.dll'.
|
|---|
| 1135 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll)WinVerifyTrust
|
|---|
| 1136 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
|
|---|
| 1137 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
|
|---|
| 1138 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
|
|---|
| 1139 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000430 pwszName=\Device\HarddiskVolume3\Windows\System32\comdlg32.dll
|
|---|
| 1140 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1141 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1142 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D07100D567670EB6C18EAD4F8F1561AE4F40E0A5
|
|---|
| 1143 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1144 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1145 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1146 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1147 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
|
|---|
| 1148 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'gdi32.dll'.
|
|---|
| 1149 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
|
|---|
| 1150 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1151 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1152 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1153 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1154 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
|
|---|
| 1155 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'
|
|---|
| 1156 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
|
|---|
| 1157 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
|
|---|
| 1158 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'devobj.dll'.
|
|---|
| 1159 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
|
|---|
| 1160 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
|
|---|
| 1161 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
|
|---|
| 1162 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll'
|
|---|
| 1163 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\devobj.dll'.
|
|---|
| 1164 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1165 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
|
|---|
| 1166 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
|
|---|
| 1167 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
|
|---|
| 1168 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1169 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1170 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1171 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1172 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1173 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
|
|---|
| 1174 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'.
|
|---|
| 1175 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
|
|---|
| 1176 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1177 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1178 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1179 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1180 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
|
|---|
| 1181 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
|
|---|
| 1182 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
|
|---|
| 1183 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
|
|---|
| 1184 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
|
|---|
| 1185 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1186 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1187 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1188 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1189 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1190 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1191 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1192 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1193 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_546_for_KB2975719~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
|
|---|
| 1194 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1195 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1196 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
|
|---|
| 1197 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 1198 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
|
|---|
| 1199 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
|
|---|
| 1200 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
|
|---|
| 1201 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll)WinVerifyTrust
|
|---|
| 1202 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
|
|---|
| 1203 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 1204 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 1205 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1206 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1207 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 1208 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 1209 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
|
|---|
| 1210 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1211 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'user32.dll'.
|
|---|
| 1212 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'shlwapi.dll'.
|
|---|
| 1213 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'gdi32.dll'.
|
|---|
| 1214 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
|
|---|
| 1215 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 1216 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
|
|---|
| 1217 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
|
|---|
| 1218 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'.
|
|---|
| 1219 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
|
|---|
| 1220 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
|
|---|
| 1221 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 1222 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)
|
|---|
| 1223 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
|
|---|
| 1224 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1225 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1226 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1227 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1228 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1229 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1230 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 1231 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 1232 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
|
|---|
| 1233 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
|
|---|
| 1234 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
|
|---|
| 1235 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
|
|---|
| 1236 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
|
|---|
| 1237 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
|
|---|
| 1238 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1239 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1240 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1241 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1242 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1243 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1244 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1245 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1246 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1247 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1248 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1249 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1250 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1251 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1252 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1253 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1254 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1255 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1256 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1257 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 1258 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1259 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1260 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1261 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1262 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 1263 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 1264 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
|
|---|
| 1265 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1266 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1267 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1268 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1269 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1270 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1271 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1272 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1273 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1274 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1275 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1276 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1277 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
|
|---|
| 1278 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
|
|---|
| 1279 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll)WinVerifyTrust
|
|---|
| 1280 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 1281 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1282 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 1283 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1284 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1285 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1286 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 1287 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 1288 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 1289 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 1290 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
|
|---|
| 1291 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1292 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
|
|---|
| 1293 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
|
|---|
| 1294 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
|
|---|
| 1295 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1296 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1297 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1298 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1299 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 1300 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 1301 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1302 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1303 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1304 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1305 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1306 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1307 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1308 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1309 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
|
|---|
| 1310 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
|
|---|
| 1311 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'.
|
|---|
| 1312 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
|
|---|
| 1313 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
|
|---|
| 1314 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll)WinVerifyTrust
|
|---|
| 1315 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 1316 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 1317 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 1318 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [redoing WinVerifyTrust]
|
|---|
| 1319 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1320 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1321 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 1322 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 1323 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
|
|---|
| 1324 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1325 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1326 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
|
|---|
| 1327 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1328 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1329 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
|
|---|
| 1330 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1331 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 1332 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 1333 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1334 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1335 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1336 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1337 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1338 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1339 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1340 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1341 | 1a18.fa0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 1342 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1343 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 1344 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1345 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1346 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1347 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
|
|---|
| 1348 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1349 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1350 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1351 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1352 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1353 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1354 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1355 | 1a18.fa0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1356 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1357 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1358 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
|
|---|
| 1359 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1360 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1361 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1362 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1363 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1364 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1365 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1366 | 1a18.fa0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1367 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
|
|---|
| 1368 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll'
|
|---|
| 1369 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1370 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1371 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1372 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
|
|---|
| 1373 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
|
|---|
| 1374 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 1375 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
|
|---|
| 1376 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
|
|---|
| 1377 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
|
|---|
| 1378 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
|
|---|
| 1379 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
|
|---|
| 1380 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
|
|---|
| 1381 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll'
|
|---|
| 1382 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1383 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1384 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 1385 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 1386 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 1387 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 1388 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
|
|---|
| 1389 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
|
|---|
| 1390 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
|
|---|
| 1391 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
|
|---|
| 1392 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 1393 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
|
|---|
| 1394 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
|
|---|
| 1395 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
|
|---|
| 1396 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
|
|---|
| 1397 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
|
|---|
| 1398 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
|
|---|
| 1399 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
|
|---|
| 1400 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
|
|---|
| 1401 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
|
|---|
| 1402 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
|
|---|
| 1403 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
|
|---|
| 1404 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
|
|---|
| 1405 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
|
|---|
| 1406 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
|
|---|
| 1407 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
|
|---|
| 1408 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
|
|---|
| 1409 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
|
|---|
| 1410 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
|
|---|
| 1411 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
|
|---|
| 1412 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
|
|---|
| 1413 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
|
|---|
| 1414 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
|
|---|
| 1415 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
|
|---|
| 1416 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1417 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1418 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1419 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1420 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1421 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1422 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 1423 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
|
|---|
| 1424 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
|
|---|
| 1425 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1426 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 1427 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
|
|---|
| 1428 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
|
|---|
| 1429 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
|
|---|
| 1430 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
|
|---|
| 1431 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
|
|---|
| 1432 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 1433 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1434 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1435 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1436 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
|
|---|
| 1437 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'
|
|---|
| 1438 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'.
|
|---|
| 1439 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1440 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'.
|
|---|
| 1441 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'.
|
|---|
| 1442 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'dciman32.dll'.
|
|---|
| 1443 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ddraw.dll)
|
|---|
| 1444 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ddraw.dll
|
|---|
| 1445 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
|
|---|
| 1446 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
|
|---|
| 1447 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
|
|---|
| 1448 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1449 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
|
|---|
| 1450 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 1451 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
|
|---|
| 1452 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
|
|---|
| 1453 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1454 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1455 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1456 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1457 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 1458 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1459 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1460 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1461 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1462 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 1463 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 1464 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 1465 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 1466 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 1467 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 1468 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 1469 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
|
|---|
| 1470 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 1471 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 1472 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 1473 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 1474 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1475 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 1476 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1477 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1478 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1479 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1480 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1481 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 1482 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 1483 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
|
|---|
| 1484 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv'
|
|---|
| 1485 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\winspool.drv'.
|
|---|
| 1486 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1487 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\winspool.drv)
|
|---|
| 1488 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv
|
|---|
| 1489 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
|
|---|
| 1490 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll'
|
|---|
| 1491 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
|
|---|
| 1492 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
|
|---|
| 1493 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
|
|---|
| 1494 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
|
|---|
| 1495 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
|
|---|
| 1496 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'msctf.dll'.
|
|---|
| 1497 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
|
|---|
| 1498 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
|
|---|
| 1499 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 1500 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 1501 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 1502 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
|
|---|
| 1503 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
|
|---|
| 1504 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
|
|---|
| 1505 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1506 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1507 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1508 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 1509 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 1510 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 1511 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 1512 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 1513 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 1514 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 1515 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 1516 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 1517 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1518 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 1519 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1520 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 1521 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 1522 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 1523 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1524 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1525 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1526 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
|
|---|
| 1527 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
|
|---|
| 1528 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msctf.dll'.
|
|---|
| 1529 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1530 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
|
|---|
| 1531 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
|
|---|
| 1532 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'imm32.dll'.
|
|---|
| 1533 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
|
|---|
| 1534 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
|
|---|
| 1535 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1536 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1537 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1538 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1539 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1540 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1541 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1542 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1543 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1544 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 1545 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
|
|---|
| 1546 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
|
|---|
| 1547 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1548 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1549 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1550 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
|
|---|
| 1551 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'
|
|---|
| 1552 | 1a18.fa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'.
|
|---|
| 1553 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1554 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
|
|---|
| 1555 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 1556 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dciman32.dll)
|
|---|
| 1557 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dciman32.dll
|
|---|
| 1558 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1559 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1560 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1561 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1562 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1563 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1564 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1565 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1566 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1567 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1568 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1569 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1570 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1571 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1572 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1573 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1574 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1575 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1576 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
|
|---|
| 1577 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
|
|---|
| 1578 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
|
|---|
| 1579 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1580 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1581 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1582 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1583 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1584 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1585 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1586 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1587 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1588 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1589 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
|
|---|
| 1590 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
|
|---|
| 1591 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
|
|---|
| 1592 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
|
|---|
| 1593 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
|
|---|
| 1594 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
|
|---|
| 1595 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
|
|---|
| 1596 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [redoing WinVerifyTrust]
|
|---|
| 1597 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1598 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1599 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 1600 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 1601 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 1602 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 1603 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
|
|---|
| 1604 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
|
|---|
| 1605 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 1606 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 1607 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 1608 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1609 | 1a18.fa0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'
|
|---|
| 1610 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
|
|---|
| 1611 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
|
|---|
| 1612 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
|
|---|
| 1613 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1614 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1615 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1616 | 1a18.fa0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
|
|---|
| 1617 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 1618 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 1619 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 1620 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 1621 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 1622 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 1623 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 1624 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 1625 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 1626 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 1627 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
|
|---|
| 1628 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
|
|---|
| 1629 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ac pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 1630 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1631 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1632 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E7B21317A30D467EC23A2D5AE5A00919E81ECF45
|
|---|
| 1633 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1634 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1635 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1636 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1637 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1638 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1639 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1640 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
|
|---|
| 1641 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1642 | 1a18.fa0: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
|
|---|
| 1643 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
|
|---|
| 1644 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 1645 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
|
|---|
| 1646 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
|
|---|
| 1647 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
|
|---|
| 1648 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
|
|---|
| 1649 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
|
|---|
| 1650 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
|
|---|
| 1651 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
|
|---|
| 1652 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
|
|---|
| 1653 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
|
|---|
| 1654 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
|
|---|
| 1655 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
|
|---|
| 1656 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 1657 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll)
|
|---|
| 1658 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll
|
|---|
| 1659 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
|
|---|
| 1660 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
|
|---|
| 1661 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
|
|---|
| 1662 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
|
|---|
| 1663 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1664 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'combase.dll'.
|
|---|
| 1665 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
|
|---|
| 1666 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
|
|---|
| 1667 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1668 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1669 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 1670 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 1671 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
|
|---|
| 1672 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1673 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1674 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1675 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1676 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1677 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1678 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1679 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1680 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1681 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 1682 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 1683 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1684 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1685 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1686 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1687 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1688 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1689 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
|
|---|
| 1690 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000510 pwszName=\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll
|
|---|
| 1691 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1692 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1693 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0B6F85C85728A0522988F3BA15B32993C5E6F65A
|
|---|
| 1694 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1695 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1696 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1697 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1698 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1699 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1700 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1701 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll'
|
|---|
| 1702 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1703 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll'
|
|---|
| 1704 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume3\Windows\System32\dciman32.dll
|
|---|
| 1705 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1706 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1707 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F7054D7E2435C8185055FC10D72A003A1DA9E42A
|
|---|
| 1708 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1709 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1710 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1711 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1712 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1713 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1714 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1715 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\dciman32.dll'
|
|---|
| 1716 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1717 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dciman32.dll'
|
|---|
| 1718 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1719 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1720 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1721 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1722 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1723 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1724 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1725 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
|
|---|
| 1726 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1727 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1728 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1729 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1730 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1731 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1732 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1733 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
|
|---|
| 1734 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000504 pwszName=\Device\HarddiskVolume3\Windows\System32\winspool.drv
|
|---|
| 1735 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1736 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1737 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=301C08682DA17C67E9303CDB8A53D6714879AAB6
|
|---|
| 1738 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1739 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1740 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1741 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1742 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1743 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1744 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1745 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_458_for_KB2975719~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume3\Windows\System32\winspool.drv'
|
|---|
| 1746 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1747 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winspool.drv'
|
|---|
| 1748 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000534 pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
|
|---|
| 1749 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1750 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1751 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3E2A9E0BA990B5B324512157B6832A46A7F5FC7E
|
|---|
| 1752 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1753 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1754 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1755 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1756 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1757 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1758 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1759 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
|
|---|
| 1760 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1761 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
|
|---|
| 1762 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume3\Windows\System32\ddraw.dll
|
|---|
| 1763 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1764 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1765 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31DF65C62254C7AE52D40C6878D7F8B35E0367A8
|
|---|
| 1766 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1767 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1768 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1769 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1770 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1771 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1772 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1773 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\ddraw.dll'
|
|---|
| 1774 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1775 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ddraw.dll'
|
|---|
| 1776 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1777 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1778 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1779 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1780 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1781 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1782 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1783 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 1784 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1785 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1786 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1787 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1788 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1789 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1790 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1791 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 1792 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ec pwszName=\Device\HarddiskVolume3\Windows\System32\comctl32.dll
|
|---|
| 1793 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1794 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1795 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0B6F85C85728A0522988F3BA15B32993C5E6F65A
|
|---|
| 1796 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1797 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1798 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1799 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1800 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1801 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1802 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1803 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
|
|---|
| 1804 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1805 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
|
|---|
| 1806 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1807 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1808 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1809 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1810 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1811 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1812 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1813 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
|
|---|
| 1814 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1815 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1816 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1817 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1818 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1819 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1820 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1821 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\devobj.dll'
|
|---|
| 1822 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1823 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1824 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1825 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1826 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1827 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1828 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1829 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'
|
|---|
| 1830 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=imm32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1831 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'imm32.dll' -> 'C:\Windows\system32\imm32.dll' [rcNt=0xc0150008]
|
|---|
| 1832 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
|
|---|
| 1833 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b200000 'C:\Windows\system32\imm32.dll'
|
|---|
| 1834 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8df530000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
|
|---|
| 1835 | 1a18.fa0: SUPR3HardenedMain: Calling TrustedMain (00007ff8df531ca0)...
|
|---|
| 1836 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1837 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
|
|---|
| 1838 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909050000 'C:\Windows\system32\winmm.dll'
|
|---|
| 1839 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 1840 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005bc pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1841 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 1842 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 1843 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4235D21C52BC6FC9D5B6A7B3CE61ED85F804B2B7
|
|---|
| 1844 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1845 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1846 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1847 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1848 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1849 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1850 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1851 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2550_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
|
|---|
| 1852 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 1853 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1854 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
|
|---|
| 1855 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
|
|---|
| 1856 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll)WinVerifyTrust
|
|---|
| 1857 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1858 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1859 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1860 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1861 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1862 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1863 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1864 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1865 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1866 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1867 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1868 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1869 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 1870 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1871 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1872 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 1873 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1874 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1875 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 1876 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1877 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1878 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1879 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'user32.dll'.
|
|---|
| 1880 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'gdi32.dll'.
|
|---|
| 1881 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
|
|---|
| 1882 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
|
|---|
| 1883 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
|
|---|
| 1884 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
|
|---|
| 1885 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
|
|---|
| 1886 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
|
|---|
| 1887 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1888 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1889 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1890 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 1891 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 1892 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1893 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1894 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1895 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 1896 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 1897 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 1898 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 1899 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 1900 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1901 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1902 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1903 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1904 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1905 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1906 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1907 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1908 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1909 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
|
|---|
| 1910 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1911 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1912 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1913 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1914 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1915 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1916 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1917 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
|
|---|
| 1918 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1919 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 1920 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 1921 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1922 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 1923 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d750000 'C:\Windows\system32\kernel32.dll'
|
|---|
| 1924 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1925 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1926 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1927 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1928 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1929 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1930 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1931 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 2
|
|---|
| 1932 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
|
|---|
| 1933 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1934 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1935 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b5a0000 'C:\Windows\system32\user32.dll'
|
|---|
| 1936 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1937 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 1938 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32\uxtheme.dll'
|
|---|
| 1939 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1940 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 1941 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b5a0000 'C:\Windows\system32\user32.dll'
|
|---|
| 1942 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1943 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 1944 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b430000 'C:\Windows\system32\advapi32.dll'
|
|---|
| 1945 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1946 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1947 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1948 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1949 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1950 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1951 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1952 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1953 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1954 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
|
|---|
| 1955 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'profapi.dll'.
|
|---|
| 1956 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll)WinVerifyTrust
|
|---|
| 1957 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
|
|---|
| 1958 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
|
|---|
| 1959 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
|
|---|
| 1960 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
|
|---|
| 1961 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1962 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 1963 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 1964 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1965 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1966 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1967 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
|
|---|
| 1968 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a2a0000 'C:\Windows\system32\userenv.dll'
|
|---|
| 1969 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1970 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 1971 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d750000 'C:\Windows\system32\kernel32.dll'
|
|---|
| 1972 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 1973 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
|
|---|
| 1974 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
|
|---|
| 1975 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
|
|---|
| 1976 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1977 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1978 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 1979 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 1980 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 1981 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 1982 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 1983 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 1984 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1985 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1986 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 1987 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 1988 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 1989 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
|
|---|
| 1990 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 1991 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 1992 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 1993 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 1994 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 1995 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b4e0000 'C:\Windows\System32\oleaut32.dll'
|
|---|
| 1996 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\sxs.dll)
|
|---|
| 1997 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sxs.dll
|
|---|
| 1998 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000690 pwszName=\Device\HarddiskVolume3\Windows\System32\sxs.dll
|
|---|
| 1999 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2000 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2001 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=687F47861CE02066FB64E8228B3C4D091FA20854
|
|---|
| 2002 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2003 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2004 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2005 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2006 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2007 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2008 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2009 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume3\Windows\System32\sxs.dll'
|
|---|
| 2010 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2011 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sxs.dll'
|
|---|
| 2012 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2013 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
|
|---|
| 2014 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 2015 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b4e0000 'C:\Windows\system32\OLEAUT32.dll'
|
|---|
| 2016 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2017 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 2
|
|---|
| 2018 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
|
|---|
| 2019 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2020 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2021 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d310000 'C:\Windows\system32\gdi32.dll'
|
|---|
| 2022 | 1a18.af8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2023 | 1a18.af8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2024 | 1a18.af8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2025 | 1a18.af8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2026 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2027 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
|
|---|
| 2028 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2029 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
|
|---|
| 2030 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
|
|---|
| 2031 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
|
|---|
| 2032 | 1a18.af8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
|
|---|
| 2033 | 1a18.af8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
|
|---|
| 2034 | 1a18.af8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
|
|---|
| 2035 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 2036 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 2037 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 2038 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 2039 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 2040 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 2041 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2042 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2043 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2044 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 2045 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 2046 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 2047 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2048 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2049 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2050 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 2051 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 2052 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 2053 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2054 | 1a18.af8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2055 | 1a18.af8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2056 | 1a18.af8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
|
|---|
| 2057 | 1a18.af8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8df040000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
|
|---|
| 2058 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2059 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2060 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b5a0000 'C:\Windows\system32\user32.dll'
|
|---|
| 2061 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2062 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 2063 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 2064 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2065 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 2066 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b2b0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 2067 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2068 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
|
|---|
| 2069 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ba40000 'C:\Windows\system32\MSCTF.dll'
|
|---|
| 2070 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=ole32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2071 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\Windows\system32\ole32.dll' [rcNt=0xc0150008]
|
|---|
| 2072 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 2073 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b2b0000 'C:\Windows\system32\ole32.dll'
|
|---|
| 2074 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2075 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
|
|---|
| 2076 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 2077 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b4e0000 'C:\Windows\system32\OLEAUT32.dll'
|
|---|
| 2078 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2079 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a3c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
|
|---|
| 2080 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2081 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2082 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7236FDED02E3449B6CA92FB6E4246EBF9068E8BF
|
|---|
| 2083 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2084 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2085 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2086 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2087 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2088 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2089 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2090 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_110_for_KB2962409~31bf3856ad364e35~amd64~~6.3.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
|
|---|
| 2091 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2092 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2093 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
|
|---|
| 2094 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
|
|---|
| 2095 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll)WinVerifyTrust
|
|---|
| 2096 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
|
|---|
| 2097 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
|
|---|
| 2098 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
|
|---|
| 2099 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a58 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
|
|---|
| 2100 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2101 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2102 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8CF4605B4B026F3426876C8B971F3B65D680FCA
|
|---|
| 2103 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2104 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2105 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2106 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2107 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2108 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2109 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2110 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
|
|---|
| 2111 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2112 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2113 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'ws2_32.dll'.
|
|---|
| 2114 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll)WinVerifyTrust
|
|---|
| 2115 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
|
|---|
| 2116 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2117 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2118 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2119 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2120 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2121 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2122 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2123 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2124 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2125 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2126 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2127 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2128 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
|
|---|
| 2129 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
|
|---|
| 2130 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2131 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ad00000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
|
|---|
| 2132 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff905470000 'C:\Windows\system32\wbem\wbemprox.dll'
|
|---|
| 2133 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2134 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a5c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
|
|---|
| 2135 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2136 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2137 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CAF9F72D1022230646E0EDB101D9050122FBB222
|
|---|
| 2138 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2139 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2140 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2141 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2142 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2143 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2144 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2145 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_110_for_KB2962409~31bf3856ad364e35~amd64~~6.3.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
|
|---|
| 2146 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2147 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2148 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 2149 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll)WinVerifyTrust
|
|---|
| 2150 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
|
|---|
| 2151 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2152 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2153 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2154 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2155 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2156 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2157 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
|
|---|
| 2158 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff900c90000 'C:\Windows\system32\wbem\wbemsvc.dll'
|
|---|
| 2159 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2160 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ad00000 'api-ms-win-core-localization-l1-2-0.dll'
|
|---|
| 2161 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2162 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ad00000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
|
|---|
| 2163 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 2164 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab8 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
|
|---|
| 2165 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2166 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2167 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3F29F8F4F858A7AFDF4CD047A78948C26E8333B6
|
|---|
| 2168 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2169 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2170 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2171 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2172 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2173 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2174 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2175 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
|
|---|
| 2176 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2177 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2178 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
|
|---|
| 2179 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll)WinVerifyTrust
|
|---|
| 2180 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
|
|---|
| 2181 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
|
|---|
| 2182 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
|
|---|
| 2183 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
|
|---|
| 2184 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2185 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2186 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2187 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
|
|---|
| 2188 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff900cf0000 'C:\Windows\system32\wbem\fastprox.dll'
|
|---|
| 2189 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2190 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
|
|---|
| 2191 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 2192 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b4e0000 'C:\Windows\system32\OLEAUT32.dll'
|
|---|
| 2193 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2194 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comctl32.dll
|
|---|
| 2195 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b090000 'C:\Windows\system32\comctl32.dll'
|
|---|
| 2196 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2197 | 1a18.1b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2198 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2199 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2200 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2201 | 1a18.1b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2202 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2203 | 1a18.1b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2204 | 1a18.1b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
|
|---|
| 2205 | 1a18.1b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2206 | 1a18.1b4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
|
|---|
| 2207 | 1a18.1b4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2208 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2209 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2210 | 1a18.1b4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2211 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
|
|---|
| 2212 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrem.dll'
|
|---|
| 2213 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2214 | 1a18.1b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2215 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2216 | 1a18.1b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
|
|---|
| 2217 | 1a18.1b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
|
|---|
| 2218 | 1a18.1b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
|
|---|
| 2219 | 1a18.1b4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
|
|---|
| 2220 | 1a18.1b4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
|
|---|
| 2221 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2222 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2223 | 1a18.1b4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2224 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2225 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2226 | 1a18.1b4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2227 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
|
|---|
| 2228 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll'
|
|---|
| 2229 | 1a18.1b4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2230 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2231 | 1a18.1b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2232 | 1a18.1b4c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2233 | 1a18.1b4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2234 | 1a18.1b4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
|
|---|
| 2235 | 1a18.1b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8de830000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
|
|---|
| 2236 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2237 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2238 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2239 | 1a18.cc8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2240 | 1a18.cc8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2241 | 1a18.cc8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2242 | 1a18.cc8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2243 | 1a18.cc8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2244 | 1a18.cc8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2245 | 1a18.cc8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2246 | 1a18.cc8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2247 | 1a18.cc8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
|
|---|
| 2248 | 1a18.cc8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2249 | 1a18.cc8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 2250 | 1a18.cc8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
|
|---|
| 2251 | 1a18.cc8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
|
|---|
| 2252 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2253 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2254 | 1a18.cc8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2255 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2256 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2257 | 1a18.cc8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2258 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
|
|---|
| 2259 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll'
|
|---|
| 2260 | 1a18.cc8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2261 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2262 | 1a18.cc8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2263 | 1a18.cc8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2264 | 1a18.cc8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
|
|---|
| 2265 | 1a18.cc8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909070000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
|
|---|
| 2266 | 1a18.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2267 | 1a18.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2268 | 1a18.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2269 | 1a18.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2270 | 1a18.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2271 | 1a18.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2272 | 1a18.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2273 | 1a18.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2274 | 1a18.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
|
|---|
| 2275 | 1a18.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
|
|---|
| 2276 | 1a18.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
|
|---|
| 2277 | 1a18.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2278 | 1a18.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2279 | 1a18.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2280 | 1a18.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2281 | 1a18.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2282 | 1a18.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2283 | 1a18.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
|
|---|
| 2284 | 1a18.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8feb40000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
|
|---|
| 2285 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2286 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2287 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2288 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2289 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2290 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2291 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2292 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2293 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
|
|---|
| 2294 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2295 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
|
|---|
| 2296 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
|
|---|
| 2297 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
|
|---|
| 2298 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
|
|---|
| 2299 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
|
|---|
| 2300 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll)WinVerifyTrust
|
|---|
| 2301 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
|
|---|
| 2302 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 2303 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 2304 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 2305 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 2306 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 2307 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 2308 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 2309 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 2310 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 2311 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
|
|---|
| 2312 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll'
|
|---|
| 2313 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2314 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2315 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2316 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2317 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
|
|---|
| 2318 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2319 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 2320 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
|
|---|
| 2321 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
|
|---|
| 2322 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll)WinVerifyTrust
|
|---|
| 2323 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
|
|---|
| 2324 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
|
|---|
| 2325 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll'
|
|---|
| 2326 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2327 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2328 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2329 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2330 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
|
|---|
| 2331 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
|
|---|
| 2332 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2333 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2334 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 2335 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 2336 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 2337 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 2338 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 2339 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2340 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2341 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2342 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2343 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2344 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2345 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2346 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
|
|---|
| 2347 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
|
|---|
| 2348 | 1a18.430: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll'.
|
|---|
| 2349 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2350 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
|
|---|
| 2351 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 2352 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
|
|---|
| 2353 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
|
|---|
| 2354 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)
|
|---|
| 2355 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
|
|---|
| 2356 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2357 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2358 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2359 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2360 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2361 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2362 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 2363 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 2364 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
|
|---|
| 2365 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2366 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2367 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2368 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2369 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2370 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2371 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2372 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2373 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2374 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2375 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2376 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
|
|---|
| 2377 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 2378 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
|
|---|
| 2379 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
|
|---|
| 2380 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)WinVerifyTrust
|
|---|
| 2381 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2382 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2383 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2384 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2385 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2386 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2387 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 2388 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 2389 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
|
|---|
| 2390 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2391 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2392 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2393 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2394 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2395 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2396 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2397 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2398 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2399 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
|
|---|
| 2400 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll [avoiding WinVerifyTrust]
|
|---|
| 2401 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
|
|---|
| 2402 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8def10000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
|
|---|
| 2403 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2404 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2405 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2406 | 1a18.430: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll'
|
|---|
| 2407 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-version-l1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2408 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ad00000 'api-ms-win-core-version-l1-1-0.dll'
|
|---|
| 2409 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\napinsp.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2410 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b4c pwszName=\Device\HarddiskVolume3\Windows\System32\NapiNSP.dll
|
|---|
| 2411 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2412 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2413 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8548279B14A30E4824262EB33D657E95344DC
|
|---|
| 2414 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2415 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2416 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2417 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2418 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2419 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2420 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2421 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-net~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\NapiNSP.dll'
|
|---|
| 2422 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2423 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2424 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
|
|---|
| 2425 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NapiNSP.dll)WinVerifyTrust
|
|---|
| 2426 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NapiNSP.dll
|
|---|
| 2427 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2428 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2429 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2430 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2431 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2432 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2433 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NapiNSP.dll
|
|---|
| 2434 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9011c0000 'C:\Windows\system32\napinsp.dll'
|
|---|
| 2435 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\pnrpnsp.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2436 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bec pwszName=\Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll
|
|---|
| 2437 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2438 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2439 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=941AFC268B172F15EE3A4722BA2DBB9E79DAFE82
|
|---|
| 2440 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2441 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2442 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2443 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2444 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2445 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2446 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2447 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll'
|
|---|
| 2448 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2449 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2450 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll)WinVerifyTrust
|
|---|
| 2451 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll
|
|---|
| 2452 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2453 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2454 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2455 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll
|
|---|
| 2456 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9011e0000 'C:\Windows\system32\pnrpnsp.dll'
|
|---|
| 2457 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\pnrpnsp.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2458 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\pnrpnsp.dll
|
|---|
| 2459 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9011e0000 'C:\Windows\system32\pnrpnsp.dll'
|
|---|
| 2460 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NLAapi.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2461 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c40 pwszName=\Device\HarddiskVolume3\Windows\System32\nlaapi.dll
|
|---|
| 2462 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2463 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2464 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9F21E64793E06E1BA9D416644C4FCD2C96CCA671
|
|---|
| 2465 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2466 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2467 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2468 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2469 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2470 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2471 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2472 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-net~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\nlaapi.dll'
|
|---|
| 2473 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2474 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2475 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
|
|---|
| 2476 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nlaapi.dll)WinVerifyTrust
|
|---|
| 2477 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nlaapi.dll
|
|---|
| 2478 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2479 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2480 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2481 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2482 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2483 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2484 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nlaapi.dll
|
|---|
| 2485 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff906a70000 'C:\Windows\system32\NLAapi.dll'
|
|---|
| 2486 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\mswsock.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2487 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c58 pwszName=\Device\HarddiskVolume3\Windows\System32\mswsock.dll
|
|---|
| 2488 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2489 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2490 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C64ACDC3BD0BFFE24C87951473EBAE5CBEDAA02F
|
|---|
| 2491 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2492 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2493 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2494 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2495 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2496 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2497 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2498 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-Minio-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\mswsock.dll'
|
|---|
| 2499 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2500 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
|
|---|
| 2501 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
|
|---|
| 2502 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mswsock.dll)WinVerifyTrust
|
|---|
| 2503 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mswsock.dll
|
|---|
| 2504 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2505 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2506 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2507 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2508 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2509 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2510 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
|
|---|
| 2511 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a4f0000 'C:\Windows\System32\mswsock.dll'
|
|---|
| 2512 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'ws2_32.dll'.
|
|---|
| 2513 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'nsi.dll'.
|
|---|
| 2514 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dnsapi.dll)
|
|---|
| 2515 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dnsapi.dll
|
|---|
| 2516 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c48 pwszName=\Device\HarddiskVolume3\Windows\System32\dnsapi.dll
|
|---|
| 2517 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2518 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2519 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=91348AB3DF193F9E876E8AABB42B2044FE3BC4F5
|
|---|
| 2520 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2521 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2522 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
|
|---|
| 2523 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
|
|---|
| 2524 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
|
|---|
| 2525 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2526 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2527 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2528 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2529 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2530 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2531 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2532 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2533 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_180_for_KB2934018~31bf3856ad364e35~amd64~~6.3.1.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\dnsapi.dll'
|
|---|
| 2534 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2535 | 1a18.430: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dnsapi.dll'
|
|---|
| 2536 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winrnr.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2537 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c88 pwszName=\Device\HarddiskVolume3\Windows\System32\winrnr.dll
|
|---|
| 2538 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2539 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2540 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=302A56FC9F5DB19D5C8FFEFA3A432A33F3373816
|
|---|
| 2541 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2542 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2543 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2544 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2545 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2546 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2547 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2548 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-ds~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\winrnr.dll'
|
|---|
| 2549 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2550 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2551 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winrnr.dll)WinVerifyTrust
|
|---|
| 2552 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winrnr.dll
|
|---|
| 2553 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2554 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2555 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2556 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winrnr.dll
|
|---|
| 2557 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff901230000 'C:\Windows\System32\winrnr.dll'
|
|---|
| 2558 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2559 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
|
|---|
| 2560 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f4750000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
|
|---|
| 2561 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2562 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2563 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2564 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2565 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2566 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
|
|---|
| 2567 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll)WinVerifyTrust
|
|---|
| 2568 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
|
|---|
| 2569 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
|
|---|
| 2570 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
|
|---|
| 2571 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
|
|---|
| 2572 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2573 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2574 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2575 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
|
|---|
| 2576 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f4730000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
|
|---|
| 2577 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/opengl32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2578 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2579 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32/opengl32.dll'
|
|---|
| 2580 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2581 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2582 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2583 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2584 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=gdi32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2585 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'gdi32' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
|
|---|
| 2586 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2587 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d310000 'C:\Windows\system32\gdi32.dll'
|
|---|
| 2588 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=ig75icd64.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2589 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'ig75icd64.dll' -> 'C:\Windows\system32\ig75icd64.dll' [rcNt=0xc0150008]
|
|---|
| 2590 | 1a18.430: \Device\HarddiskVolume3\Windows\System32\ig75icd64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
|
|---|
| 2591 | 1a18.430: \Device\HarddiskVolume3\Windows\System32\ig75icd64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 2592 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cb0 pwszName=\Device\HarddiskVolume3\Windows\System32\ig75icd64.dll
|
|---|
| 2593 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2594 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2595 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1DD7E3D4C7A1EE338A9B5B74131C3F022996A68C
|
|---|
| 2596 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2597 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2598 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2599 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem51.cat'; file='\Device\HarddiskVolume3\Windows\System32\ig75icd64.dll'
|
|---|
| 2600 | 1a18.430: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2601 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
|
|---|
| 2602 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'igdusc64.dll'.
|
|---|
| 2603 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 2604 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
|
|---|
| 2605 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
|
|---|
| 2606 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'dwmapi.dll'.
|
|---|
| 2607 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ig75icd64.dll)WinVerifyTrust
|
|---|
| 2608 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ig75icd64.dll
|
|---|
| 2609 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
|
|---|
| 2610 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
|
|---|
| 2611 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
|
|---|
| 2612 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 2613 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 2614 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 2615 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 2616 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 2617 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2618 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2619 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2620 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2621 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'igdusc64.dll'...
|
|---|
| 2622 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'igdusc64.dll' -> '\Device\HarddiskVolume3\Windows\System32\igdusc64.dll'
|
|---|
| 2623 | 1a18.430: \Device\HarddiskVolume3\Windows\System32\igdusc64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
|
|---|
| 2624 | 1a18.430: \Device\HarddiskVolume3\Windows\System32\igdusc64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 2625 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2626 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2627 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2628 | 1a18.430: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume3\Windows\System32\igdusc64.dll'
|
|---|
| 2629 | 1a18.430: supHardenedWinVerifyImageByHandle: -> -22919 (\Device\HarddiskVolume3\Windows\System32\igdusc64.dll)WinVerifyTrust
|
|---|
| 2630 | 1a18.430: Error (rc=0):
|
|---|
| 2631 | 1a18.430: supR3HardenedScreenImage/Imports: rc=Unknown Status -22919 (0xffffa679) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Windows\System32\igdusc64.dll: WinVerifyTrust failed with hrc=CERT_E_CHAINING on '\Device\HarddiskVolume3\Windows\System32\igdusc64.dll'
|
|---|
| 2632 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
|
|---|
| 2633 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
|
|---|
| 2634 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2635 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ig75icd64.dll
|
|---|
| 2636 | 1a18.430: \Device\HarddiskVolume3\Windows\System32\igdusc64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
|
|---|
| 2637 | 1a18.430: \Device\HarddiskVolume3\Windows\System32\igdusc64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
|
|---|
| 2638 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\igdusc64.dll)
|
|---|
| 2639 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\igdusc64.dll
|
|---|
| 2640 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8dc0a0000 'C:\Windows\system32\ig75icd64.dll'
|
|---|
| 2641 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2642 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2643 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2644 | 1a18.430: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume3\Windows\System32\igdusc64.dll'
|
|---|
| 2645 | 1a18.430: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\igdusc64.dll'
|
|---|
| 2646 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=gdi32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2647 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'gdi32' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
|
|---|
| 2648 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2649 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d310000 'C:\Windows\system32\gdi32.dll'
|
|---|
| 2650 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=gdi32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2651 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'gdi32.dll' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
|
|---|
| 2652 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2653 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d310000 'C:\Windows\system32\gdi32.dll'
|
|---|
| 2654 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2655 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2656 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2657 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2658 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2659 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2660 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2661 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2662 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2663 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2664 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2665 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2666 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2667 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2668 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2669 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2670 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2671 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2672 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2673 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2674 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2675 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2676 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2677 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2678 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2679 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2680 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2681 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2682 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=version.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2683 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'version.dll' -> 'C:\Windows\system32\version.dll' [rcNt=0xc0150008]
|
|---|
| 2684 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2685 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2686 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2687 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2688 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2689 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2690 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2691 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
|
|---|
| 2692 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll)WinVerifyTrust
|
|---|
| 2693 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
|
|---|
| 2694 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2695 | 1a18.430: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2696 | 1a18.430: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2697 | 1a18.430: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
|
|---|
| 2698 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904e80000 'C:\Windows\system32\version.dll'
|
|---|
| 2699 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2700 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 2701 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 2702 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 2703 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2704 | 1a18.430: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
|
|---|
| 2705 | 1a18.430: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
|
|---|
| 2706 | 1a18.430: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
|
|---|
| 2707 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2708 | 1a18.208: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2709 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2710 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2711 | 1a18.208: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2712 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2713 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2714 | 1a18.208: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2715 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2716 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2717 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2718 | 1a18.208: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2719 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2720 | 1a18.208: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'
|
|---|
| 2721 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2722 | 1a18.208: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2723 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2724 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2725 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2726 | 1a18.208: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2727 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2728 | 1a18.208: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2729 | 1a18.208: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
|
|---|
| 2730 | 1a18.208: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2731 | 1a18.208: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll)WinVerifyTrust
|
|---|
| 2732 | 1a18.208: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
|
|---|
| 2733 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2734 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2735 | 1a18.208: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2736 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 2737 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 2738 | 1a18.208: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 2739 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2740 | 1a18.208: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2741 | 1a18.208: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2742 | 1a18.208: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
|
|---|
| 2743 | 1a18.208: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fe130000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
|
|---|
| 2744 | 1a18.37c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2745 | 1a18.37c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2746 | 1a18.37c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2747 | 1a18.37c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2748 | 1a18.37c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2749 | 1a18.37c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2750 | 1a18.37c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2751 | 1a18.37c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2752 | 1a18.37c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
|
|---|
| 2753 | 1a18.37c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2754 | 1a18.37c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll)WinVerifyTrust
|
|---|
| 2755 | 1a18.37c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
|
|---|
| 2756 | 1a18.37c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2757 | 1a18.37c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2758 | 1a18.37c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2759 | 1a18.37c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
|
|---|
| 2760 | 1a18.37c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll'
|
|---|
| 2761 | 1a18.37c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
|
|---|
| 2762 | 1a18.37c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2763 | 1a18.37c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2764 | 1a18.37c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2765 | 1a18.37c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
|
|---|
| 2766 | 1a18.37c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8310000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
|
|---|
| 2767 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2768 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2769 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2770 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2771 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2772 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2773 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2774 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2775 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
|
|---|
| 2776 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2777 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
|
|---|
| 2778 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
|
|---|
| 2779 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
|
|---|
| 2780 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
|
|---|
| 2781 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
|
|---|
| 2782 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
|
|---|
| 2783 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
|
|---|
| 2784 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll)WinVerifyTrust
|
|---|
| 2785 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
|
|---|
| 2786 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
|
|---|
| 2787 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll'
|
|---|
| 2788 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2789 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2790 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2791 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2792 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2793 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2794 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2795 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
|
|---|
| 2796 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winnsi.dll'.
|
|---|
| 2797 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL)WinVerifyTrust
|
|---|
| 2798 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
|
|---|
| 2799 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 2800 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 2801 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 2802 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 2803 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 2804 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 2805 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
|
|---|
| 2806 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll'
|
|---|
| 2807 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2808 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2809 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
|
|---|
| 2810 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
|
|---|
| 2811 | 1a18.1b9c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'.
|
|---|
| 2812 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 2813 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
|
|---|
| 2814 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll)
|
|---|
| 2815 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
|
|---|
| 2816 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
|
|---|
| 2817 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
|
|---|
| 2818 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
|
|---|
| 2819 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
|
|---|
| 2820 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
|
|---|
| 2821 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
|
|---|
| 2822 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2823 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2824 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2825 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2826 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2827 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2828 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2829 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2830 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'cfgmgr32.dll'.
|
|---|
| 2831 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
|
|---|
| 2832 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
|
|---|
| 2833 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll)WinVerifyTrust
|
|---|
| 2834 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
|
|---|
| 2835 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2836 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2837 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2838 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
|
|---|
| 2839 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll'
|
|---|
| 2840 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2841 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2842 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 2843 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 2844 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 2845 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2846 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2847 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2848 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
|
|---|
| 2849 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
|
|---|
| 2850 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
|
|---|
| 2851 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2852 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2853 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
|
|---|
| 2854 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 2855 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll)WinVerifyTrust
|
|---|
| 2856 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
|
|---|
| 2857 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
|
|---|
| 2858 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll'
|
|---|
| 2859 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2860 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2861 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2862 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2863 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2864 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
|
|---|
| 2865 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll'
|
|---|
| 2866 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2867 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2868 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2869 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2870 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2871 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 2872 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
|
|---|
| 2873 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
|
|---|
| 2874 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
|
|---|
| 2875 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
|
|---|
| 2876 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
|
|---|
| 2877 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll)WinVerifyTrust
|
|---|
| 2878 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
|
|---|
| 2879 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2880 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2881 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2882 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
|
|---|
| 2883 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll'
|
|---|
| 2884 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 2885 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2886 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2887 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2888 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 2889 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 2890 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 2891 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
|
|---|
| 2892 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume3\Windows\System32\newdev.dll'
|
|---|
| 2893 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e28 pwszName=\Device\HarddiskVolume3\Windows\System32\newdev.dll
|
|---|
| 2894 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2895 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2896 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EAD431E57FCC787ED701559E9AF2ACC33D2DCED0
|
|---|
| 2897 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2898 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2899 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2900 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2901 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2902 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2903 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2904 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1722_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume3\Windows\System32\newdev.dll'
|
|---|
| 2905 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2906 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2907 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 2908 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
|
|---|
| 2909 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
|
|---|
| 2910 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
|
|---|
| 2911 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
|
|---|
| 2912 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
|
|---|
| 2913 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\newdev.dll)WinVerifyTrust
|
|---|
| 2914 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\newdev.dll
|
|---|
| 2915 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
|
|---|
| 2916 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll'
|
|---|
| 2917 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
|
|---|
| 2918 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2919 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2920 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2921 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 2922 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 2923 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 2924 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 2925 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 2926 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 2927 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
|
|---|
| 2928 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll'
|
|---|
| 2929 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
|
|---|
| 2930 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
|
|---|
| 2931 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
|
|---|
| 2932 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
|
|---|
| 2933 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
|
|---|
| 2934 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
|
|---|
| 2935 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 2936 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 2937 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 2938 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 2939 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 2940 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 2941 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 2942 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 2943 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 2944 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 2945 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2946 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2947 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2948 | 1a18.1b9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
|
|---|
| 2949 | 1a18.1b9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
|
|---|
| 2950 | 1a18.1b9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
|
|---|
| 2951 | 1a18.1b9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
|
|---|
| 2952 | 1a18.1b9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\newdev.dll
|
|---|
| 2953 | 1a18.1b9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
|
|---|
| 2954 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 2955 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\devrtl.dll)
|
|---|
| 2956 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devrtl.dll
|
|---|
| 2957 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8db7e0000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
|
|---|
| 2958 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e10 pwszName=\Device\HarddiskVolume3\Windows\System32\devrtl.dll
|
|---|
| 2959 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 2960 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 2961 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6059B260D211680DF083154CCCE38DE8412914CF
|
|---|
| 2962 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2963 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2964 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 2965 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 2966 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 2967 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2968 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2969 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2970 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2971 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2972 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-Base-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
|
|---|
| 2973 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 2974 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
|
|---|
| 2975 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2976 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2977 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2978 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2979 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 2980 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 2981 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 2982 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
|
|---|
| 2983 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2984 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2985 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2986 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2987 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
|
|---|
| 2988 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8df040000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
|
|---|
| 2989 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2990 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2991 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2992 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2993 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
|
|---|
| 2994 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f46f0000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
|
|---|
| 2995 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2996 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 2997 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 2998 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 2999 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3000 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3001 | 1a18.121c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3002 | 1a18.121c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3003 | 1a18.121c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3004 | 1a18.121c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3005 | 1a18.121c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3006 | 1a18.121c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3007 | 1a18.121c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3008 | 1a18.121c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
|
|---|
| 3009 | 1a18.121c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
|
|---|
| 3010 | 1a18.121c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
|
|---|
| 3011 | 1a18.121c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll)WinVerifyTrust
|
|---|
| 3012 | 1a18.121c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
|
|---|
| 3013 | 1a18.121c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
|
|---|
| 3014 | 1a18.121c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll'
|
|---|
| 3015 | 1a18.121c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
|
|---|
| 3016 | 1a18.121c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
|
|---|
| 3017 | 1a18.121c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll'
|
|---|
| 3018 | 1a18.121c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
|
|---|
| 3019 | 1a18.121c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
|
|---|
| 3020 | 1a18.121c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
|
|---|
| 3021 | 1a18.121c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
|
|---|
| 3022 | 1a18.121c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
|
|---|
| 3023 | 1a18.121c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8170000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
|
|---|
| 3024 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3025 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
|
|---|
| 3026 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff906210000 'C:\Windows\system32/Iphlpapi.dll'
|
|---|
| 3027 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 3028 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
|
|---|
| 3029 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll)
|
|---|
| 3030 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
|
|---|
| 3031 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
|
|---|
| 3032 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
|
|---|
| 3033 | 1a18.1b9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
|
|---|
| 3034 | 1a18.1b9c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll)
|
|---|
| 3035 | 1a18.1b9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
|
|---|
| 3036 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f40 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
|
|---|
| 3037 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3038 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3039 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B2E8A5C503120A11AEA21658FF24E56CA6FD0F29
|
|---|
| 3040 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3041 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3042 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
|
|---|
| 3043 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
|
|---|
| 3044 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
|
|---|
| 3045 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 3046 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 3047 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 3048 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 3049 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 3050 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 3051 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
|
|---|
| 3052 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
|
|---|
| 3053 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
|
|---|
| 3054 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 3055 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 3056 | 1a18.1b9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 3057 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3058 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3059 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3060 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3061 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3062 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_198_for_KB2962409~31bf3856ad364e35~amd64~~6.3.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
|
|---|
| 3063 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3064 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
|
|---|
| 3065 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e80 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
|
|---|
| 3066 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3067 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3068 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F1462D922EF889F4B0A9FD14B2DFE30CDCB183D5
|
|---|
| 3069 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3070 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3071 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3072 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3073 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3074 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3075 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3076 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_198_for_KB2962409~31bf3856ad364e35~amd64~~6.3.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
|
|---|
| 3077 | 1a18.1b9c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3078 | 1a18.1b9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
|
|---|
| 3079 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3080 | 1a18.1b9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
|
|---|
| 3081 | 1a18.1b9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90d750000 'C:\Windows\system32/kernel32.dll'
|
|---|
| 3082 | 1a18.aa4: '\Device\HarddiskVolume3\Windows\System32\tzres.dll' has no imports
|
|---|
| 3083 | 1a18.aa4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\tzres.dll)
|
|---|
| 3084 | 1a18.aa4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\tzres.dll
|
|---|
| 3085 | 1a18.aa4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
|
|---|
| 3086 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000718 pwszName=\Device\HarddiskVolume3\Windows\System32\tzres.dll
|
|---|
| 3087 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3088 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3089 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2C2912B1AF73A6796732D1488D75007F742A3299
|
|---|
| 3090 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3091 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3092 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3093 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3094 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3095 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3096 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3097 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-Base-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\tzres.dll'
|
|---|
| 3098 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3099 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\tzres.dll'
|
|---|
| 3100 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3101 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3102 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3103 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3104 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3105 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3106 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\SYSTEM32\WINMM.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3107 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
|
|---|
| 3108 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909050000 'C:\Windows\SYSTEM32\WINMM.dll'
|
|---|
| 3109 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3110 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 3111 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b5a0000 'C:\Windows\system32\user32.dll'
|
|---|
| 3112 | 1a18.aa4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3113 | 1a18.aa4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
|
|---|
| 3114 | 1a18.aa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a4f0000 'C:\Windows\system32\mswsock.dll'
|
|---|
| 3115 | 1a18.aa4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-version-l1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3116 | 1a18.aa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ad00000 'api-ms-win-core-version-l1-1-0.dll'
|
|---|
| 3117 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3118 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3119 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3120 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3121 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3122 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3123 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3124 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3125 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3126 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3127 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3128 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3129 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3130 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3131 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3132 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3133 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3134 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3135 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3136 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3137 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3138 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3139 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3140 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3141 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3142 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3143 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3144 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3145 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3146 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3147 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3148 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3149 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3150 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/uxtheme.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3151 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
|
|---|
| 3152 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff909940000 'C:\Windows\system32/uxtheme.dll'
|
|---|
| 3153 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3154 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3155 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3156 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3157 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3158 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3159 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3160 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3161 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3162 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3163 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3164 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3165 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3166 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3167 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3168 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3169 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3170 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3171 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3172 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3173 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3174 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3175 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3176 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3177 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\propsys.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3178 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3179 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3180 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3181 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3182 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
|
|---|
| 3183 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b040000 'C:\Windows\System32\WINTRUST.DLL'
|
|---|
| 3184 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3185 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3186 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\CRYPT32.dll'
|
|---|
| 3187 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3188 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3189 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3190 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3191 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3192 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
|
|---|
| 3193 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
|
|---|
| 3194 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'combase.dll'.
|
|---|
| 3195 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll)WinVerifyTrust
|
|---|
| 3196 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll
|
|---|
| 3197 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 3198 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 3199 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
|
|---|
| 3200 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 3201 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 3202 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 3203 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 3204 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 3205 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 3206 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3207 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3208 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3209 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
|
|---|
| 3210 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9055c0000 'C:\Windows\system32\propsys.dll'
|
|---|
| 3211 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3212 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3213 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3214 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3215 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll' [rcNt=0x0]
|
|---|
| 3216 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001160 pwszName=\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
|
|---|
| 3217 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3218 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3219 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5390073B6380AD5C6C8BDA60984E68C77A19C6FF
|
|---|
| 3220 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3221 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3222 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3223 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3224 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3225 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3226 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3227 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2551_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll'
|
|---|
| 3228 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3229 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3230 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'.
|
|---|
| 3231 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
|
|---|
| 3232 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll)WinVerifyTrust
|
|---|
| 3233 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
|
|---|
| 3234 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 3235 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 3236 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 3237 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 3238 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 3239 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 3240 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3241 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3242 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3243 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
|
|---|
| 3244 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9082b0000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll'
|
|---|
| 3245 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3246 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll' [rcNt=0x0]
|
|---|
| 3247 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
|
|---|
| 3248 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9082b0000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll'
|
|---|
| 3249 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3250 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 3251 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'combase.dll'.
|
|---|
| 3252 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll)
|
|---|
| 3253 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll
|
|---|
| 3254 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3255 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3256 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 3257 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 3258 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
|
|---|
| 3259 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 3260 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 3261 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 3262 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3263 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3264 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3265 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3266 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3267 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3268 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3269 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3270 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll'
|
|---|
| 3271 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3272 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3273 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\System32\shell32.dll'
|
|---|
| 3274 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3275 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3276 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\System32\shell32.dll'
|
|---|
| 3277 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)
|
|---|
| 3278 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
|
|---|
| 3279 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011a0 pwszName=\Device\HarddiskVolume3\Windows\System32\apphelp.dll
|
|---|
| 3280 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3281 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3282 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B4C95513642E818E61368D055E77885237B5EC1E
|
|---|
| 3283 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3284 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3285 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3286 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3287 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3288 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3289 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3290 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1722_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume3\Windows\System32\apphelp.dll'
|
|---|
| 3291 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3292 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\apphelp.dll'
|
|---|
| 3293 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3294 | 1a18.fa0: \Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
|
|---|
| 3295 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL)
|
|---|
| 3296 | 1a18.fa0: Error (rc=0):
|
|---|
| 3297 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL'.
|
|---|
| 3298 | 1a18.fa0: Error (rc=0):
|
|---|
| 3299 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL': rcNt=0xc0000190
|
|---|
| 3300 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL'
|
|---|
| 3301 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3302 | 1a18.fa0: \Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
|
|---|
| 3303 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL)
|
|---|
| 3304 | 1a18.fa0: Error (rc=0):
|
|---|
| 3305 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL'.
|
|---|
| 3306 | 1a18.fa0: Error (rc=0):
|
|---|
| 3307 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL': rcNt=0xc0000190
|
|---|
| 3308 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL'
|
|---|
| 3309 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3310 | 1a18.fa0: \Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
|
|---|
| 3311 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL)
|
|---|
| 3312 | 1a18.fa0: Error (rc=0):
|
|---|
| 3313 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL'.
|
|---|
| 3314 | 1a18.fa0: Error (rc=0):
|
|---|
| 3315 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL': rcNt=0xc0000190
|
|---|
| 3316 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL'
|
|---|
| 3317 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3318 | 1a18.fa0: \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 ac 0c e3 60 a3 a2 97 e3 45 53 34 19 e9 03 00 00)
|
|---|
| 3319 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll)
|
|---|
| 3320 | 1a18.fa0: Error (rc=0):
|
|---|
| 3321 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'.
|
|---|
| 3322 | 1a18.fa0: Error (rc=0):
|
|---|
| 3323 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll': rcNt=0xc0000190
|
|---|
| 3324 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'
|
|---|
| 3325 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3326 | 1a18.fa0: \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 ac 0c e3 60 a3 a2 97 e3 45 53 34 19 e9 03 00 00)
|
|---|
| 3327 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll)
|
|---|
| 3328 | 1a18.fa0: Error (rc=0):
|
|---|
| 3329 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'.
|
|---|
| 3330 | 1a18.fa0: Error (rc=0):
|
|---|
| 3331 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll': rcNt=0xc0000190
|
|---|
| 3332 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'
|
|---|
| 3333 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3334 | 1a18.fa0: \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 ac 0c e3 60 a3 a2 97 e3 45 53 34 19 e9 03 00 00)
|
|---|
| 3335 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll)
|
|---|
| 3336 | 1a18.fa0: Error (rc=0):
|
|---|
| 3337 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'.
|
|---|
| 3338 | 1a18.fa0: Error (rc=0):
|
|---|
| 3339 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll': rcNt=0xc0000190
|
|---|
| 3340 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'
|
|---|
| 3341 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3342 | 1a18.fa0: \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 ac 0c e3 60 a3 a2 97 e3 45 53 34 19 e9 03 00 00)
|
|---|
| 3343 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll)
|
|---|
| 3344 | 1a18.fa0: Error (rc=0):
|
|---|
| 3345 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume3\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'.
|
|---|
| 3346 | 1a18.fa0: Error (rc=0):
|
|---|
| 3347 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll': rcNt=0xc0000190
|
|---|
| 3348 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Users\hkden_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll'
|
|---|
| 3349 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\EhStorShell.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3350 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011a8 pwszName=\Device\HarddiskVolume3\Windows\System32\EhStorShell.dll
|
|---|
| 3351 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3352 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3353 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C111F1DA8BF20C35EDD63783C5A20BD7DD10D4D1
|
|---|
| 3354 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3355 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3356 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3357 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3358 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3359 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3360 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3361 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-drivers~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\EhStorShell.dll'
|
|---|
| 3362 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3363 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3364 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 3365 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
|
|---|
| 3366 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
|
|---|
| 3367 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
|
|---|
| 3368 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
|
|---|
| 3369 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
|
|---|
| 3370 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shlwapi.dll'.
|
|---|
| 3371 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'comctl32.dll'.
|
|---|
| 3372 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'setupapi.dll'.
|
|---|
| 3373 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\EhStorShell.dll)WinVerifyTrust
|
|---|
| 3374 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\EhStorShell.dll
|
|---|
| 3375 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
|
|---|
| 3376 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll'
|
|---|
| 3377 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
|
|---|
| 3378 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
|
|---|
| 3379 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
|
|---|
| 3380 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comctl32.dll
|
|---|
| 3381 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 3382 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 3383 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
|
|---|
| 3384 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
|
|---|
| 3385 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll'
|
|---|
| 3386 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
|
|---|
| 3387 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 3388 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 3389 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3390 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 3391 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 3392 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 3393 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 3394 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 3395 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 3396 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 3397 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 3398 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 3399 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 3400 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 3401 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 3402 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3403 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3404 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3405 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\EhStorShell.dll
|
|---|
| 3406 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8feb50000 'C:\Windows\System32\EhStorShell.dll'
|
|---|
| 3407 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\EhStorShell.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3408 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\EhStorShell.dll
|
|---|
| 3409 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8feb50000 'C:\Windows\System32\EhStorShell.dll'
|
|---|
| 3410 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Google\Drive\googledrivesync64.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3411 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3412 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3413 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3414 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3415 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
|
|---|
| 3416 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff904a40000 'C:\Windows\System32\cryptnet.dll'
|
|---|
| 3417 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'shlwapi.dll'.
|
|---|
| 3418 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'psapi.dll'.
|
|---|
| 3419 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
|
|---|
| 3420 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
|
|---|
| 3421 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
|
|---|
| 3422 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcp90.dll'.
|
|---|
| 3423 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr90.dll'.
|
|---|
| 3424 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll)WinVerifyTrust
|
|---|
| 3425 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3426 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr90.dll'...
|
|---|
| 3427 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msvcr90.dll'
|
|---|
| 3428 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp90.dll'...
|
|---|
| 3429 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msvcp90.dll'
|
|---|
| 3430 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
|
|---|
| 3431 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
|
|---|
| 3432 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
|
|---|
| 3433 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 3434 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 3435 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3436 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 3437 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
|
|---|
| 3438 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
|
|---|
| 3439 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
|
|---|
| 3440 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll'
|
|---|
| 3441 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3442 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3443 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3444 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3445 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3446 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3447 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3448 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll)WinVerifyTrust
|
|---|
| 3449 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
|
|---|
| 3450 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 3451 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 3452 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
|
|---|
| 3453 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3454 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr90.dll'.
|
|---|
| 3455 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll)
|
|---|
| 3456 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll
|
|---|
| 3457 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll)
|
|---|
| 3458 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll
|
|---|
| 3459 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8b00000 'C:\Program Files (x86)\Google\Drive\googledrivesync64.dll'
|
|---|
| 3460 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3461 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3462 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr90.dll'...
|
|---|
| 3463 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr90.dll' -> '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll'
|
|---|
| 3464 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll [lacks WinVerifyTrust]
|
|---|
| 3465 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3466 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll'
|
|---|
| 3467 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3468 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3469 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3470 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll'
|
|---|
| 3471 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Google\Drive\googledrivesync64.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3472 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3473 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8b00000 'C:\Program Files (x86)\Google\Drive\googledrivesync64.dll'
|
|---|
| 3474 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Google\Drive\googledrivesync64.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3475 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3476 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8b00000 'C:\Program Files (x86)\Google\Drive\googledrivesync64.dll'
|
|---|
| 3477 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Google\Drive\googledrivesync64.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3478 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3479 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8b00000 'C:\Program Files (x86)\Google\Drive\googledrivesync64.dll'
|
|---|
| 3480 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Google\Drive\googledrivesync64.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3481 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3482 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8b00000 'C:\Program Files (x86)\Google\Drive\googledrivesync64.dll'
|
|---|
| 3483 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Google\Drive\googledrivesync64.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3484 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Google\Drive\googledrivesync64.dll
|
|---|
| 3485 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f8b00000 'C:\Program Files (x86)\Google\Drive\googledrivesync64.dll'
|
|---|
| 3486 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cscui.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3487 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011ec pwszName=\Device\HarddiskVolume3\Windows\System32\cscui.dll
|
|---|
| 3488 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3489 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3490 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D2FC784920E1F6BF3C4923F486D515E2F9CCA3C
|
|---|
| 3491 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3492 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3493 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3494 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3495 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3496 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3497 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3498 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_191_for_KB2967917~31bf3856ad364e35~amd64~~6.3.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\cscui.dll'
|
|---|
| 3499 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3500 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3501 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
|
|---|
| 3502 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
|
|---|
| 3503 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
|
|---|
| 3504 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'propsys.dll'.
|
|---|
| 3505 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
|
|---|
| 3506 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shlwapi.dll'.
|
|---|
| 3507 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'cscdll.dll'.
|
|---|
| 3508 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cscui.dll)WinVerifyTrust
|
|---|
| 3509 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cscui.dll
|
|---|
| 3510 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cscdll.dll'...
|
|---|
| 3511 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'cscdll.dll' -> '\Device\HarddiskVolume3\Windows\System32\cscdll.dll'
|
|---|
| 3512 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011b4 pwszName=\Device\HarddiskVolume3\Windows\System32\cscdll.dll
|
|---|
| 3513 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3514 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3515 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C7C19FE4B9E02E438BDDAD0079F101A7B3C792A7
|
|---|
| 3516 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3517 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3518 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3519 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3520 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3521 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3522 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3523 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-base~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\cscdll.dll'
|
|---|
| 3524 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3525 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3526 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cscdll.dll)WinVerifyTrust
|
|---|
| 3527 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cscdll.dll
|
|---|
| 3528 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
|
|---|
| 3529 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
|
|---|
| 3530 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
|
|---|
| 3531 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 3532 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 3533 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3534 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
|
|---|
| 3535 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll'
|
|---|
| 3536 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
|
|---|
| 3537 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 3538 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 3539 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 3540 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 3541 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 3542 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
|
|---|
| 3543 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 3544 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 3545 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 3546 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3547 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3548 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3549 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3550 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3551 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3552 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cscui.dll
|
|---|
| 3553 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cscdll.dll
|
|---|
| 3554 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3555 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll' [rcNt=0x0]
|
|---|
| 3556 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
|
|---|
| 3557 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9082b0000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll'
|
|---|
| 3558 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd810000 'C:\Windows\System32\cscui.dll'
|
|---|
| 3559 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cscui.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3560 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cscui.dll
|
|---|
| 3561 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd810000 'C:\Windows\System32\cscui.dll'
|
|---|
| 3562 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mssprxy.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3563 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001228 pwszName=\Device\HarddiskVolume3\Windows\System32\mssprxy.dll
|
|---|
| 3564 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3565 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3566 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=53EB47F5A8988B3B2527DFE62F7F802B3B634D23
|
|---|
| 3567 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3568 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3569 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3570 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3571 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3572 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3573 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3574 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5584_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume3\Windows\System32\mssprxy.dll'
|
|---|
| 3575 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3576 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3577 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
|
|---|
| 3578 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
|
|---|
| 3579 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'combase.dll'.
|
|---|
| 3580 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mssprxy.dll)WinVerifyTrust
|
|---|
| 3581 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mssprxy.dll
|
|---|
| 3582 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
|
|---|
| 3583 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll'
|
|---|
| 3584 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
|
|---|
| 3585 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 3586 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 3587 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 3588 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
|
|---|
| 3589 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
|
|---|
| 3590 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
|
|---|
| 3591 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3592 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3593 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3594 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mssprxy.dll
|
|---|
| 3595 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8f1540000 'C:\Windows\system32\mssprxy.dll'
|
|---|
| 3596 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3597 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3598 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\System32\shell32.dll'
|
|---|
| 3599 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\thumbcache.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3600 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001240 pwszName=\Device\HarddiskVolume3\Windows\System32\thumbcache.dll
|
|---|
| 3601 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3602 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3603 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F8A71C810C28D08DA8231226ACEB9802D8F7DC0D
|
|---|
| 3604 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3605 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3606 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3607 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3608 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3609 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3610 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3611 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2555_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume3\Windows\System32\thumbcache.dll'
|
|---|
| 3612 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3613 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 3614 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
|
|---|
| 3615 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'shcore.dll'.
|
|---|
| 3616 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'user32.dll'.
|
|---|
| 3617 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'gdi32.dll'.
|
|---|
| 3618 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'shell32.dll'.
|
|---|
| 3619 | 1a18.fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'propsys.dll'.
|
|---|
| 3620 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\thumbcache.dll)WinVerifyTrust
|
|---|
| 3621 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\thumbcache.dll
|
|---|
| 3622 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
|
|---|
| 3623 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll'
|
|---|
| 3624 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
|
|---|
| 3625 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 3626 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
|
|---|
| 3627 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3628 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
|
|---|
| 3629 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
|
|---|
| 3630 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
|
|---|
| 3631 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 3632 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll'
|
|---|
| 3633 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
|
|---|
| 3634 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
|
|---|
| 3635 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll'
|
|---|
| 3636 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
|
|---|
| 3637 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
|
|---|
| 3638 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
|
|---|
| 3639 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 3640 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
|
|---|
| 3641 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
|
|---|
| 3642 | 1a18.fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
|
|---|
| 3643 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\thumbcache.dll
|
|---|
| 3644 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3645 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll' [rcNt=0x0]
|
|---|
| 3646 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
|
|---|
| 3647 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9082b0000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll'
|
|---|
| 3648 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff906260000 'C:\Windows\System32\thumbcache.dll'
|
|---|
| 3649 | 1a18.fa0: '\Device\HarddiskVolume3\Windows\System32\imageres.dll' has no imports
|
|---|
| 3650 | 1a18.fa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imageres.dll)
|
|---|
| 3651 | 1a18.fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imageres.dll
|
|---|
| 3652 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001258 pwszName=\Device\HarddiskVolume3\Windows\System32\imageres.dll
|
|---|
| 3653 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b9b990
|
|---|
| 3654 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b9b990
|
|---|
| 3655 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7467EB099B57A749CBEA853CF14DF9A93862B832
|
|---|
| 3656 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3657 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
|
|---|
| 3658 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90a190000 'C:\Windows\system32\rsaenh.dll'
|
|---|
| 3659 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=crypt32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3660 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'crypt32.dll' -> 'C:\Windows\system32\crypt32.dll' [rcNt=0xc0150008]
|
|---|
| 3661 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
|
|---|
| 3662 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ae10000 'C:\Windows\system32\crypt32.dll'
|
|---|
| 3663 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume3\Windows\System32\imageres.dll'
|
|---|
| 3664 | 1a18.fa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
|
|---|
| 3665 | 1a18.fa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imageres.dll'
|
|---|
| 3666 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\windowscodecs.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3667 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WindowsCodecs.dll
|
|---|
| 3668 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff907330000 'C:\Windows\system32\windowscodecs.dll'
|
|---|
| 3669 | 1a18.fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imageres.dll
|
|---|
| 3670 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3671 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3672 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3673 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3674 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3675 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3676 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3677 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3678 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3679 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.DLL *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3680 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.DLL' -> 'C:\Windows\system32\OLEAUT32.DLL' [rcNt=0xc0150008]
|
|---|
| 3681 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
|
|---|
| 3682 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90b4e0000 'C:\Windows\system32\OLEAUT32.DLL'
|
|---|
| 3683 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3684 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
|
|---|
| 3685 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ba40000 'C:\Windows\system32\msctf.dll'
|
|---|
| 3686 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msctf.dll *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags>
|
|---|
| 3687 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
|
|---|
| 3688 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90ba40000 'C:\Windows\system32\msctf.dll'
|
|---|
| 3689 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3690 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3691 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3692 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3693 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3694 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3695 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3696 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3697 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3698 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3699 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3700 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3701 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3702 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3703 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3704 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3705 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3706 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3707 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3708 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3709 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3710 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3711 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3712 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3713 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3714 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3715 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3716 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3717 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3718 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3719 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3720 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3721 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3722 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3723 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3724 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3725 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3726 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3727 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3728 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3729 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3730 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3731 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3732 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3733 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3734 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3735 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3736 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3737 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3738 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3739 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3740 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3741 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3742 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3743 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3744 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3745 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3746 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3747 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3748 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3749 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3750 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3751 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3752 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3753 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3754 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3755 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3756 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3757 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3758 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3759 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3760 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3761 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3762 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3763 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3764 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3765 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3766 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3767 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3768 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3769 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3770 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3771 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3772 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3773 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3774 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3775 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3776 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3777 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3778 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3779 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3780 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3781 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3782 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3783 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3784 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3785 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3786 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3787 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3788 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3789 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3790 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3791 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3792 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3793 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3794 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3795 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3796 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3797 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3798 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3799 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3800 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3801 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3802 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3803 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3804 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3805 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3806 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3807 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3808 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3809 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3810 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3811 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3812 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3813 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3814 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3815 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3816 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3817 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3818 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3819 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3820 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3821 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3822 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3823 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3824 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3825 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3826 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3827 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3828 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3829 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3830 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3831 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3832 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3833 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3834 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3835 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3836 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3837 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3838 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3839 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3840 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3841 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3842 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3843 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3844 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3845 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3846 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3847 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3848 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3849 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3850 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3851 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3852 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3853 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3854 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3855 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3856 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3857 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3858 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3859 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3860 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3861 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3862 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3863 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3864 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3865 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3866 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3867 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3868 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3869 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3870 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3871 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3872 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3873 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3874 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3875 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3876 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3877 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3878 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3879 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3880 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3881 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3882 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3883 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3884 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3885 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3886 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3887 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3888 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3889 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3890 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3891 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3892 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3893 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3894 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3895 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3896 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3897 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3898 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3899 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3900 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3901 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3902 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3903 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3904 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3905 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3906 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3907 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3908 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3909 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3910 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3911 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3912 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3913 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3914 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3915 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3916 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3917 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3918 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3919 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3920 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3921 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3922 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3923 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3924 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3925 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3926 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3927 | 1a18.fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
|
|---|
| 3928 | 1a18.fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff90bf00000 'C:\Windows\system32\shell32.dll'
|
|---|
| 3929 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags>
|
|---|
| 3930 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
|
|---|
| 3931 | 1a18.430: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
|
|---|
| 3932 | 1a18.430: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8fd9c0000 'C:\Windows\system32\OPENGL32.dll'
|
|---|
| 3933 | 1a18.fa0: Terminating the normal way: rcExit=0
|
|---|
| 3934 | 1bb0.1900: supR3HardenedWinDoReSpawn(2): Quitting: ExitCode=0x0 rcNt=0x0
|
|---|
| 3935 | 19d0.19d8: supR3HardenedWinDoReSpawn(1): Quitting: ExitCode=0x0 rcNt=0x0
|
|---|