VirtualBox

Ticket #13469: VBoxStartup.log

File VBoxStartup.log, 226.7 KB (added by JamesTuttle, 10 years ago)
Line 
1e54.10c: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2e54.10c: Calling main()
3e54.10c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4e54.10c: SUPR3HardenedMain: Respawn #1
5e54.10c: System32: \Device\HarddiskVolume2\Windows\System32
6e54.10c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
7e54.10c: ProgDir: \Device\HarddiskVolume2\Program Files
8e54.10c: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
9e54.10c: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
10e54.10c: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
11e54.10c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
12e54.10c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
13e54.10c: supR3HardNtEnableThreadCreation:
14e54.10c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007776bfa0 pvNtTerminateThread=0000000077791360
15e54.10c: supR3HardenedWinDoReSpawn(1): New child 1900.1b10 [kernel32].
16e54.10c: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffd9000 cbPeb=0x380
17e54.10c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077740000 uNtDllChildAddr=0000000077740000
18e54.10c: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=000000007776bfa0 uNtTerminateThread=0000000077791360
19e54.10c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007776bfa0 pvNtTerminateThread=0000000077791360
20e54.10c: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
21e54.10c: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 00000000002e0000 LB 0x1ab000
22e54.10c: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
23e54.10c: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000077520000 LB 0x11f000
24e54.10c: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
25e54.10c: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefdee0000 LB 0x6b000
26e54.10c: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 15 ms
27e54.10c: supR3HardNtEnableThreadCreation:
28e54.10c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
29e54.10c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
30e54.10c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
31e54.10c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
32e54.10c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
33e54.10c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
34e54.10c: 0000000000041000-ffffffffffea1fff 0x0001/0x0000 0x0000000
35e54.10c: *00000000001e0000-00000000000e3fff 0x0000/0x0004 0x0020000
36e54.10c: 00000000002dc000-00000000002d8fff 0x0104/0x0004 0x0020000
37e54.10c: 00000000002df000-00000000002ddfff 0x0004/0x0004 0x0020000
38e54.10c: 00000000002e0000-ffffffff88e7ffff 0x0001/0x0000 0x0000000
39e54.10c: *0000000077740000-000000007773efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
40e54.10c: 0000000077741000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41e54.10c: 0000000077843000-0000000077813fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
42e54.10c: 0000000077872000-0000000077863fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
43e54.10c: 0000000077880000-0000000077814fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
44e54.10c: 00000000778eb000-00000000701f5fff 0x0001/0x0000 0x0000000
45e54.10c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
46e54.10c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
47e54.10c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
48e54.10c: 000000007fff0000-ffffffffc0aeffff 0x0001/0x0000 0x0000000
49e54.10c: *000000013f4f0000-000000013f4eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
50e54.10c: 000000013f4f1000-000000013f471fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
51e54.10c: 000000013f570000-000000013f56efff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
52e54.10c: 000000013f571000-000000013f539fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
53e54.10c: 000000013f5a8000-000000013f59efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
54e54.10c: 000000013f5b1000-000000013f577fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
55e54.10c: 000000013f5ea000-fffff8037f173fff 0x0001/0x0000 0x0000000
56e54.10c: *000007feffa60000-000007feffa5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
57e54.10c: 000007feffa61000-000007fdff511fff 0x0001/0x0000 0x0000000
58e54.10c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
59e54.10c: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000
60e54.10c: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000
61e54.10c: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000
62e54.10c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
63e54.10c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
64e54.10c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
65e54.10c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
66e54.10c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
67e54.10c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
68e54.10c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
69e54.10c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
70e54.10c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
711900.1b10: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
721900.1b10: Calling main()
731900.1b10: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
741900.1b10: System32: \Device\HarddiskVolume2\Windows\System32
751900.1b10: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
761900.1b10: ProgDir: \Device\HarddiskVolume2\Program Files
771900.1b10: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
781900.1b10: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
791900.1b10: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
801900.1b10: supR3HardenedWinInit: Startup delay kludge #2/0: 94 ms, 11 sleeps
811900.1b10: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
821900.1b10: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
831900.1b10: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
841900.1b10: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
851900.1b10: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
861900.1b10: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
871900.1b10: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
881900.1b10: 0000000000041000-0000000000011fff 0x0001/0x0000 0x0000000
891900.1b10: *0000000000070000-fffffffffffeefff 0x0004/0x0004 0x0020000
901900.1b10: 00000000000f1000-0000000000071fff 0x0000/0x0004 0x0020000
911900.1b10: *0000000000170000-0000000000108fff 0x0002/0x0002 0x0040000
921900.1b10: 00000000001d7000-00000000001cdfff 0x0001/0x0000 0x0000000
931900.1b10: *00000000001e0000-00000000000e4fff 0x0000/0x0004 0x0020000
941900.1b10: 00000000002db000-00000000002d8fff 0x0104/0x0004 0x0020000
951900.1b10: 00000000002dd000-00000000002d9fff 0x0004/0x0004 0x0020000
961900.1b10: *00000000002e0000-0000000000133fff 0x0004/0x0004 0x0020000
971900.1b10: 000000000048c000-ffffffff893f7fff 0x0001/0x0000 0x0000000
981900.1b10: *0000000077520000-000000007751efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
991900.1b10: 0000000077521000-0000000077485fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1001900.1b10: 00000000775bc000-000000007754dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1011900.1b10: 000000007762a000-0000000077627fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1021900.1b10: 000000007762c000-0000000077618fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1031900.1b10: 000000007763f000-000000007753dfff 0x0001/0x0000 0x0000000
1041900.1b10: *0000000077740000-000000007773efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1051900.1b10: 0000000077741000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1061900.1b10: 0000000077843000-0000000077813fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1071900.1b10: 0000000077872000-0000000077870fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1081900.1b10: 0000000077873000-0000000077871fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1091900.1b10: 0000000077874000-0000000077872fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1101900.1b10: 0000000077875000-0000000077872fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1111900.1b10: 0000000077877000-0000000077875fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1121900.1b10: 0000000077878000-0000000077874fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1131900.1b10: 000000007787b000-0000000077878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1141900.1b10: 000000007787d000-000000007787bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1151900.1b10: 000000007787e000-000000007787bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1161900.1b10: 0000000077880000-0000000077814fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1171900.1b10: 00000000778eb000-00000000701f5fff 0x0001/0x0000 0x0000000
1181900.1b10: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
1191900.1b10: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
1201900.1b10: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
1211900.1b10: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1221900.1b10: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1231900.1b10: 000000007fff0000-ffffffffc0aeffff 0x0001/0x0000 0x0000000
1241900.1b10: *000000013f4f0000-000000013f4eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1251900.1b10: 000000013f4f1000-000000013f471fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1261900.1b10: 000000013f570000-000000013f56efff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1271900.1b10: 000000013f571000-000000013f539fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1281900.1b10: 000000013f5a8000-000000013f59efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1291900.1b10: 000000013f5b1000-000000013f577fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
1301900.1b10: 000000013f5ea000-fffff80380cf3fff 0x0001/0x0000 0x0000000
1311900.1b10: *000007fefdee0000-000007fefdedefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1321900.1b10: 000007fefdee1000-000007fefde96fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1331900.1b10: 000007fefdf2b000-000007fefdf15fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1341900.1b10: 000007fefdf40000-000007fefdf3dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1351900.1b10: 000007fefdf42000-000007fefdf38fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1361900.1b10: 000007fefdf4b000-000007fefc435fff 0x0001/0x0000 0x0000000
1371900.1b10: *000007feffa60000-000007feffa5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
1381900.1b10: 000007feffa61000-000007fdff511fff 0x0001/0x0000 0x0000000
1391900.1b10: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1401900.1b10: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000
1411900.1b10: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000
1421900.1b10: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000
1431900.1b10: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
1441900.1b10: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1451900.1b10: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1461900.1b10: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
1471900.1b10: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1481900.1b10: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
1491900.1b10: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
1501900.1b10: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
1511900.1b10: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
1521900.1b10: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1531900.1b10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1541900.1b10: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
1551900.1b10: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1561900.1b10: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
1571900.1b10: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
1581900.1b10: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1591900.1b10: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1601900.1b10: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1611900.1b10: 0000000000041000-0000000000011fff 0x0001/0x0000 0x0000000
1621900.1b10: *0000000000070000-fffffffffff6ffff 0x0004/0x0004 0x0020000
1631900.1b10: *0000000000170000-0000000000108fff 0x0002/0x0002 0x0040000
1641900.1b10: 00000000001d7000-00000000001cdfff 0x0001/0x0000 0x0000000
1651900.1b10: *00000000001e0000-00000000000e5fff 0x0000/0x0004 0x0020000
1661900.1b10: 00000000002da000-00000000002d7fff 0x0104/0x0004 0x0020000
1671900.1b10: 00000000002dc000-00000000002d7fff 0x0004/0x0004 0x0020000
1681900.1b10: *00000000002e0000-0000000000133fff 0x0004/0x0004 0x0020000
1691900.1b10: 000000000048c000-0000000000487fff 0x0001/0x0000 0x0000000
1701900.1b10: *0000000000490000-0000000000393fff 0x0004/0x0004 0x0020000
1711900.1b10: 000000000058c000-0000000000587fff 0x0000/0x0004 0x0020000
1721900.1b10: *0000000000590000-0000000000512fff 0x0004/0x0004 0x0020000
1731900.1b10: 000000000060d000-0000000000489fff 0x0000/0x0004 0x0020000
1741900.1b10: *0000000000790000-000000000066ffff 0x0004/0x0004 0x0020000
1751900.1b10: 00000000008b0000-ffffffff89c3ffff 0x0001/0x0000 0x0000000
1761900.1b10: *0000000077520000-000000007751efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1771900.1b10: 0000000077521000-0000000077485fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1781900.1b10: 00000000775bc000-000000007754dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1791900.1b10: 000000007762a000-0000000077627fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1801900.1b10: 000000007762c000-0000000077618fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1811900.1b10: 000000007763f000-000000007753dfff 0x0001/0x0000 0x0000000
1821900.1b10: *0000000077740000-000000007773efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1831900.1b10: 0000000077741000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1841900.1b10: 0000000077843000-0000000077813fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1851900.1b10: 0000000077872000-0000000077870fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1861900.1b10: 0000000077873000-0000000077871fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1871900.1b10: 0000000077874000-0000000077872fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1881900.1b10: 0000000077875000-0000000077872fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1891900.1b10: 0000000077877000-0000000077875fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1901900.1b10: 0000000077878000-0000000077874fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1911900.1b10: 000000007787b000-0000000077878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1921900.1b10: 000000007787d000-000000007787bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1931900.1b10: 000000007787e000-000000007787bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1941900.1b10: 0000000077880000-0000000077814fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1951900.1b10: 00000000778eb000-00000000778e5fff 0x0001/0x0000 0x0000000
1961900.1b10: *00000000778f0000-00000000778eefff 0x0004/0x0004 0x0020000
1971900.1b10: 00000000778f1000-0000000070201fff 0x0001/0x0000 0x0000000
1981900.1b10: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
1991900.1b10: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
2001900.1b10: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
2011900.1b10: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2021900.1b10: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2031900.1b10: 000000007fff0000-ffffffffc0aeffff 0x0001/0x0000 0x0000000
2041900.1b10: *000000013f4f0000-000000013f4eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2051900.1b10: 000000013f4f1000-000000013f470fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2061900.1b10: 000000013f571000-000000013f539fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2071900.1b10: 000000013f5a8000-000000013f59efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2081900.1b10: 000000013f5b1000-000000013f577fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2091900.1b10: 000000013f5ea000-fffff80380cf3fff 0x0001/0x0000 0x0000000
2101900.1b10: *000007fefdee0000-000007fefdedefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2111900.1b10: 000007fefdee1000-000007fefde96fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2121900.1b10: 000007fefdf2b000-000007fefdf15fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2131900.1b10: 000007fefdf40000-000007fefdf3dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2141900.1b10: 000007fefdf42000-000007fefdf38fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2151900.1b10: 000007fefdf4b000-000007fefc435fff 0x0001/0x0000 0x0000000
2161900.1b10: *000007feffa60000-000007feffa5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2171900.1b10: 000007feffa61000-000007fdff511fff 0x0001/0x0000 0x0000000
2181900.1b10: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2191900.1b10: 000007fffffd3000-000007fffffccfff 0x0001/0x0000 0x0000000
2201900.1b10: *000007fffffd9000-000007fffffd7fff 0x0004/0x0004 0x0020000
2211900.1b10: 000007fffffda000-000007fffffd5fff 0x0001/0x0000 0x0000000
2221900.1b10: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2231900.1b10: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2241900.1b10: SUPR3HardenedMain: Respawn #2
2251900.1b10: supR3HardNtEnableThreadCreation:
2261900.1b10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
2271900.1b10: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
2281900.1b10: \Device\HarddiskVolume2\Windows\System32\apphelp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2291900.1b10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
2301900.1b10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
2311900.1b10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2321900.1b10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda70000 'C:\Windows\system32\apphelp.dll'
2331900.1b10: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007776bfa0 pvNtTerminateThread=0000000077791360
2341900.1b10: supR3HardenedWinDoReSpawn(2): New child 19b4.1b7c [kernel32].
2351900.1b10: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffd7000 cbPeb=0x380
2361900.1b10: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077740000 uNtDllChildAddr=0000000077740000
2371900.1b10: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=000000007776bfa0 uNtTerminateThread=0000000077791360
2381900.1b10: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007776bfa0 pvNtTerminateThread=0000000077791360
2391900.1b10: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
2401900.1b10: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
2411900.1b10: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
2421900.1b10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll)
2431900.1b10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2441900.1b10: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
2451900.1b10: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000240000 LB 0x1ab000
2461900.1b10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
2471900.1b10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2481900.1b10: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
2491900.1b10: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000077520000 LB 0x11f000
2501900.1b10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
2511900.1b10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2521900.1b10: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
2531900.1b10: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefdee0000 LB 0x6b000
2541900.1b10: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 31 ms
2551900.1b10: supR3HardNtEnableThreadCreation:
2561900.1b10: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2571900.1b10: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2581900.1b10: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2591900.1b10: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
2601900.1b10: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
2611900.1b10: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
2621900.1b10: 0000000000041000-fffffffffff41fff 0x0001/0x0000 0x0000000
2631900.1b10: *0000000000140000-0000000000043fff 0x0000/0x0004 0x0020000
2641900.1b10: 000000000023c000-0000000000238fff 0x0104/0x0004 0x0020000
2651900.1b10: 000000000023f000-000000000023dfff 0x0004/0x0004 0x0020000
2661900.1b10: 0000000000240000-ffffffff88d3ffff 0x0001/0x0000 0x0000000
2671900.1b10: *0000000077740000-000000007773efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2681900.1b10: 0000000077741000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2691900.1b10: 0000000077843000-0000000077813fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2701900.1b10: 0000000077872000-0000000077863fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2711900.1b10: 0000000077880000-0000000077814fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2721900.1b10: 00000000778eb000-00000000701f5fff 0x0001/0x0000 0x0000000
2731900.1b10: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2741900.1b10: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2751900.1b10: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2761900.1b10: 000000007fff0000-ffffffffc0aeffff 0x0001/0x0000 0x0000000
2771900.1b10: *000000013f4f0000-000000013f4eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2781900.1b10: 000000013f4f1000-000000013f471fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2791900.1b10: 000000013f570000-000000013f56efff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2801900.1b10: 000000013f571000-000000013f539fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2811900.1b10: 000000013f5a8000-000000013f59efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2821900.1b10: 000000013f5b1000-000000013f577fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2831900.1b10: 000000013f5ea000-fffff8037f173fff 0x0001/0x0000 0x0000000
2841900.1b10: *000007feffa60000-000007feffa5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2851900.1b10: 000007feffa61000-000007fdff511fff 0x0001/0x0000 0x0000000
2861900.1b10: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2871900.1b10: 000007fffffd3000-000007fffffcefff 0x0001/0x0000 0x0000000
2881900.1b10: *000007fffffd7000-000007fffffd5fff 0x0004/0x0004 0x0020000
2891900.1b10: 000007fffffd8000-000007fffffd1fff 0x0001/0x0000 0x0000000
2901900.1b10: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2911900.1b10: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
29219b4.1b7c: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
29319b4.1b7c: Calling main()
29419b4.1b7c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
29519b4.1b7c: System32: \Device\HarddiskVolume2\Windows\System32
29619b4.1b7c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
29719b4.1b7c: ProgDir: \Device\HarddiskVolume2\Program Files
29819b4.1b7c: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
29919b4.1b7c: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
30019b4.1b7c: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
30119b4.1b7c: supR3HardenedWinInit: Startup delay kludge #2/0: 94 ms, 11 sleeps
30219b4.1b7c: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
30319b4.1b7c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
30419b4.1b7c: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
30519b4.1b7c: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
30619b4.1b7c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
30719b4.1b7c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
30819b4.1b7c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
30919b4.1b7c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
31019b4.1b7c: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
31119b4.1b7c: 00000000000b7000-000000000002dfff 0x0001/0x0000 0x0000000
31219b4.1b7c: *0000000000140000-0000000000044fff 0x0000/0x0004 0x0020000
31319b4.1b7c: 000000000023b000-0000000000238fff 0x0104/0x0004 0x0020000
31419b4.1b7c: 000000000023d000-0000000000239fff 0x0004/0x0004 0x0020000
31519b4.1b7c: 0000000000240000-000000000022ffff 0x0001/0x0000 0x0000000
31619b4.1b7c: *0000000000250000-00000000001cefff 0x0004/0x0004 0x0020000
31719b4.1b7c: 00000000002d1000-0000000000251fff 0x0000/0x0004 0x0020000
31819b4.1b7c: *0000000000350000-00000000001a3fff 0x0004/0x0004 0x0020000
31919b4.1b7c: 00000000004fc000-ffffffff894d7fff 0x0001/0x0000 0x0000000
32019b4.1b7c: *0000000077520000-000000007751efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
32119b4.1b7c: 0000000077521000-0000000077485fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
32219b4.1b7c: 00000000775bc000-000000007754dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
32319b4.1b7c: 000000007762a000-0000000077627fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
32419b4.1b7c: 000000007762c000-0000000077618fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
32519b4.1b7c: 000000007763f000-000000007753dfff 0x0001/0x0000 0x0000000
32619b4.1b7c: *0000000077740000-000000007773efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
32719b4.1b7c: 0000000077741000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
32819b4.1b7c: 0000000077843000-0000000077813fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
32919b4.1b7c: 0000000077872000-0000000077870fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33019b4.1b7c: 0000000077873000-0000000077871fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33119b4.1b7c: 0000000077874000-0000000077872fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33219b4.1b7c: 0000000077875000-0000000077872fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33319b4.1b7c: 0000000077877000-0000000077875fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33419b4.1b7c: 0000000077878000-0000000077874fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33519b4.1b7c: 000000007787b000-0000000077878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33619b4.1b7c: 000000007787d000-000000007787bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33719b4.1b7c: 000000007787e000-000000007787bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33819b4.1b7c: 0000000077880000-0000000077814fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
33919b4.1b7c: 00000000778eb000-00000000701f5fff 0x0001/0x0000 0x0000000
34019b4.1b7c: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
34119b4.1b7c: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
34219b4.1b7c: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
34319b4.1b7c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
34419b4.1b7c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
34519b4.1b7c: 000000007fff0000-ffffffffc0aeffff 0x0001/0x0000 0x0000000
34619b4.1b7c: *000000013f4f0000-000000013f4eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
34719b4.1b7c: 000000013f4f1000-000000013f471fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
34819b4.1b7c: 000000013f570000-000000013f56efff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
34919b4.1b7c: 000000013f571000-000000013f539fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
35019b4.1b7c: 000000013f5a8000-000000013f59efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
35119b4.1b7c: 000000013f5b1000-000000013f577fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
35219b4.1b7c: 000000013f5ea000-fffff80380cf3fff 0x0001/0x0000 0x0000000
35319b4.1b7c: *000007fefdee0000-000007fefdedefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
35419b4.1b7c: 000007fefdee1000-000007fefde96fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
35519b4.1b7c: 000007fefdf2b000-000007fefdf15fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
35619b4.1b7c: 000007fefdf40000-000007fefdf3dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
35719b4.1b7c: 000007fefdf42000-000007fefdf38fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
35819b4.1b7c: 000007fefdf4b000-000007fefc435fff 0x0001/0x0000 0x0000000
35919b4.1b7c: *000007feffa60000-000007feffa5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
36019b4.1b7c: 000007feffa61000-000007fdff511fff 0x0001/0x0000 0x0000000
36119b4.1b7c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
36219b4.1b7c: 000007fffffd3000-000007fffffcefff 0x0001/0x0000 0x0000000
36319b4.1b7c: *000007fffffd7000-000007fffffd5fff 0x0004/0x0004 0x0020000
36419b4.1b7c: 000007fffffd8000-000007fffffd1fff 0x0001/0x0000 0x0000000
36519b4.1b7c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
36619b4.1b7c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
36719b4.1b7c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
36819b4.1b7c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
36919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\apisetschema.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
37019b4.1b7c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
37119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
37219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ntdll.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
37319b4.1b7c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
37419b4.1b7c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
37519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
37619b4.1b7c: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
37719b4.1b7c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
37819b4.1b7c: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
37919b4.1b7c: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
38019b4.1b7c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
38119b4.1b7c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
38219b4.1b7c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
38319b4.1b7c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
38419b4.1b7c: *0000000000050000-fffffffffffe8fff 0x0002/0x0002 0x0040000
38519b4.1b7c: 00000000000b7000-000000000002dfff 0x0001/0x0000 0x0000000
38619b4.1b7c: *0000000000140000-0000000000045fff 0x0000/0x0004 0x0020000
38719b4.1b7c: 000000000023a000-0000000000237fff 0x0104/0x0004 0x0020000
38819b4.1b7c: 000000000023c000-0000000000237fff 0x0004/0x0004 0x0020000
38919b4.1b7c: 0000000000240000-000000000022ffff 0x0001/0x0000 0x0000000
39019b4.1b7c: *0000000000250000-000000000014ffff 0x0004/0x0004 0x0020000
39119b4.1b7c: *0000000000350000-00000000001a3fff 0x0004/0x0004 0x0020000
39219b4.1b7c: 00000000004fc000-00000000004f7fff 0x0001/0x0000 0x0000000
39319b4.1b7c: *0000000000500000-0000000000403fff 0x0004/0x0004 0x0020000
39419b4.1b7c: 00000000005fc000-00000000005f7fff 0x0000/0x0004 0x0020000
39519b4.1b7c: *0000000000600000-0000000000582fff 0x0004/0x0004 0x0020000
39619b4.1b7c: 000000000067d000-00000000004f9fff 0x0000/0x0004 0x0020000
39719b4.1b7c: *0000000000800000-00000000006dffff 0x0004/0x0004 0x0020000
39819b4.1b7c: 0000000000920000-ffffffff89d1ffff 0x0001/0x0000 0x0000000
39919b4.1b7c: *0000000077520000-000000007751efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
40019b4.1b7c: 0000000077521000-0000000077485fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
40119b4.1b7c: 00000000775bc000-000000007754dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
40219b4.1b7c: 000000007762a000-0000000077627fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
40319b4.1b7c: 000000007762c000-0000000077618fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
40419b4.1b7c: 000000007763f000-000000007753dfff 0x0001/0x0000 0x0000000
40519b4.1b7c: *0000000077740000-000000007773efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
40619b4.1b7c: 0000000077741000-000000007763efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
40719b4.1b7c: 0000000077843000-0000000077813fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
40819b4.1b7c: 0000000077872000-0000000077870fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
40919b4.1b7c: 0000000077873000-0000000077871fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41019b4.1b7c: 0000000077874000-0000000077872fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41119b4.1b7c: 0000000077875000-0000000077872fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41219b4.1b7c: 0000000077877000-0000000077875fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41319b4.1b7c: 0000000077878000-0000000077874fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41419b4.1b7c: 000000007787b000-0000000077878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41519b4.1b7c: 000000007787d000-000000007787bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41619b4.1b7c: 000000007787e000-000000007787bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41719b4.1b7c: 0000000077880000-0000000077814fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
41819b4.1b7c: 00000000778eb000-00000000778e5fff 0x0001/0x0000 0x0000000
41919b4.1b7c: *00000000778f0000-00000000778eefff 0x0004/0x0004 0x0020000
42019b4.1b7c: 00000000778f1000-0000000070201fff 0x0001/0x0000 0x0000000
42119b4.1b7c: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
42219b4.1b7c: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
42319b4.1b7c: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
42419b4.1b7c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
42519b4.1b7c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
42619b4.1b7c: 000000007fff0000-ffffffffc0aeffff 0x0001/0x0000 0x0000000
42719b4.1b7c: *000000013f4f0000-000000013f4eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
42819b4.1b7c: 000000013f4f1000-000000013f470fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
42919b4.1b7c: 000000013f571000-000000013f539fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
43019b4.1b7c: 000000013f5a8000-000000013f59efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
43119b4.1b7c: 000000013f5b1000-000000013f577fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
43219b4.1b7c: 000000013f5ea000-fffff80380cf3fff 0x0001/0x0000 0x0000000
43319b4.1b7c: *000007fefdee0000-000007fefdedefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
43419b4.1b7c: 000007fefdee1000-000007fefde96fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
43519b4.1b7c: 000007fefdf2b000-000007fefdf15fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
43619b4.1b7c: 000007fefdf40000-000007fefdf3dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
43719b4.1b7c: 000007fefdf42000-000007fefdf38fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
43819b4.1b7c: 000007fefdf4b000-000007fefc435fff 0x0001/0x0000 0x0000000
43919b4.1b7c: *000007feffa60000-000007feffa5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
44019b4.1b7c: 000007feffa61000-000007fdff511fff 0x0001/0x0000 0x0000000
44119b4.1b7c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
44219b4.1b7c: 000007fffffd3000-000007fffffcefff 0x0001/0x0000 0x0000000
44319b4.1b7c: *000007fffffd7000-000007fffffd5fff 0x0004/0x0004 0x0020000
44419b4.1b7c: 000007fffffd8000-000007fffffd1fff 0x0001/0x0000 0x0000000
44519b4.1b7c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
44619b4.1b7c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
44719b4.1b7c: SUPR3HardenedMain: Final process, opening VBoxDrv...
44819b4.1b7c: supR3HardNtEnableThreadCreation:
44919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000005fbf80:C:\Windows\system32
45019b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
45119b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
45219b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
45319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
45419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
45519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb570000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
45619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
45719b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
45819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb570000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
45919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb570000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
46019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=00000000002c6580:C:\Windows\system32
46119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
46219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
46319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
46419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
46519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
46619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
46719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
46819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
46919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
47019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
47119b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
47219b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
47319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
47419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
47519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
47619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\msasn1.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
47719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
47819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
47919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
48019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
48119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
48219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\crypt32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
48319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
48419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
48519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
48619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
48719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
48819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
48919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
49019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
49119b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
49219b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
49319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
49419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
49519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
49619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
49719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
49819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
49919b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
50019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde00000 'C:\Windows\system32\Wintrust.dll'
50119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
50219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
50319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
50419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
50519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
50619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
50719b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
50819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd470000 'C:\Windows\system32\CRYPTSP.dll'
50919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
51019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
51119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
51219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
51319b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
51419b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
51519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
51619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
51719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
51819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
51919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd170000 'C:\Windows\system32\rsaenh.dll'
52019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
52119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
52219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
52319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\advapi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
52419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
52519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
52619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
52719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
52819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
52919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
53019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
53119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
53219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
53319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
53419b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
53519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
53619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\sechost.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
53719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
53819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
53919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
54019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
54119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf70000 'C:\Windows\system32\ADVAPI32.dll'
54219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
54319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\Windows\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
54419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
54519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
54619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
54719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
54819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
54919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
55019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
55119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
55219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
55319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
55419b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
55519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdad0000 'C:\Windows\system32\CRYPTBASE.dll'
55619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=kernel32.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
55719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\Windows\system32\kernel32.dll' [rcNt=0xc0150008]
55819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
55919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
56019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077520000 'C:\Windows\system32\kernel32.dll'
56119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
56219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
56319b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
56419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde00000 'C:\Windows\system32\WINTRUST.DLL'
56519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
56619b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
56719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc90000 'C:\Windows\system32\CRYPT32.dll'
56819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=imagehlp.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
56919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'imagehlp.dll' -> 'C:\Windows\system32\imagehlp.dll' [rcNt=0xc0150008]
57019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
57119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
57219b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
57319b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
57419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
57519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
57619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
57719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
57819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
57919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
58019b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
58119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\Windows\system32\imagehlp.dll'
58219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
58319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
58419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
58519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd470000 'C:\Windows\system32\CRYPTSP.dll'
58619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=USER32.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
58719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'USER32.dll' -> 'C:\Windows\system32\USER32.dll' [rcNt=0xc0150008]
58819b4.1b7c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
58919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\user32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
59019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
59119b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
59219b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
59319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
59419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
59519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
59619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\gdi32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
59719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
59819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
59919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
60019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
60119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
60219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
60319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
60419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\lpk.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
60519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
60619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
60719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
60819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
60919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
61019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
61119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
61219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
61319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
61419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
61519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
61619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\usp10.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
61719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
61819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
61919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
62019b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
62119b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
62219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
62319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
62419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
62519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
62619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
62719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
62819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
62919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
63019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
63119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
63219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
63319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
63419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
63519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
63619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
63719b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
63819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=gdi32.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
63919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'gdi32.dll' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
64019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
64119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'C:\Windows\system32\gdi32.dll'
64219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
64319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
64419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\imm32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
64519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
64619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
64719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
64819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
64919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
65019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
65119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
65219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
65319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\msctf.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
65419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
65519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
65619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
65719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
65819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
65919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
66019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
66119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
66219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
66319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
66419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
66519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
66619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
66719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
66819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
66919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
67019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
67119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
67219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
67319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
67419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
67519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
67619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
67719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
67819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
67919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe3e0000 'C:\Windows\system32\IMM32.DLL'
68019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077640000 'C:\Windows\system32\USER32.dll'
68119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=ncrypt.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
68219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'ncrypt.dll' -> 'C:\Windows\system32\ncrypt.dll' [rcNt=0xc0150008]
68319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
68419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
68519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
68619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
68719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
68819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
68919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
69019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
69119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
69219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
69319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
69419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
69519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
69619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
69719b4.1b7c: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
69819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
69919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
70019b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
70119b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
70219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5f0000 'C:\Windows\system32\ncrypt.dll'
70319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
70419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
70519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
70619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
70719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
70819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
70919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
71019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
71119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
71219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
71319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
71419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
71519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
71619b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
71719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0b0000 'C:\Windows\system32\bcryptprimitives.dll'
71819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=bcrypt.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
71919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'bcrypt.dll' -> 'C:\Windows\system32\bcrypt.dll' [rcNt=0xc0150008]
72019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
72119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5c0000 'C:\Windows\system32\bcrypt.dll'
72219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=USERENV.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
72319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'USERENV.dll' -> 'C:\Windows\system32\USERENV.dll' [rcNt=0xc0150008]
72419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\userenv.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
72519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\userenv.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
72619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
72719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
72819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
72919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
73019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
73119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
73219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
73319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\profapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
73419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\profapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
73519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
73619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
73719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
73819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
73919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
74019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
74119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
74219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
74319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
74419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
74519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
74619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
74719b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
74819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
74919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\Windows\system32\USERENV.dll'
75019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
75119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
75219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
75319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
75419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=GPAPI.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
75519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'GPAPI.dll' -> 'C:\Windows\system32\GPAPI.dll' [rcNt=0xc0150008]
75619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\gpapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
75719b4.1b7c: \Device\HarddiskVolume2\Windows\System32\gpapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
75819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
75919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
76019b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
76119b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
76219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
76319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
76419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
76519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
76619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
76719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
76819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
76919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\GPAPI.dll'
77019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
77119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-WIN-Service-Management-L1-1-0.dll'
77219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=rpcrt4.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
77319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'rpcrt4.dll' -> 'C:\Windows\system32\rpcrt4.dll' [rcNt=0xc0150008]
77419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
77519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe190000 'C:\Windows\system32\rpcrt4.dll'
77619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
77719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-WIN-Service-Management-L2-1-0.dll'
77819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
77919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
78019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
78119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
78219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
78319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
78419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
78519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'crypt32.dll'.
78619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'wldap32.dll'.
78719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
78819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
78919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
79019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll'
79119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
79219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
79319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
79419b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
79519b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
79619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
79719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
79819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
79919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
80019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
80119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
80219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
80319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
80419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
80519b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
80619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
80719b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
80819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
80919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
81019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
81119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
81219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
81319b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
81419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
81519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
81619b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
81719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
81819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
81919b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
82019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
82119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
82219b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
82319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
82419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
82519b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
82619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
82719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
82819b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
82919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
83019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
83119b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
83219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
83319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
83419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
83519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
83619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x2 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
83719b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
83819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
83919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
84019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=SHLWAPI.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
84119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'SHLWAPI.dll' -> 'C:\Windows\system32\SHLWAPI.dll' [rcNt=0xc0150008]
84219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
84319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
84419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
84519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
84619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
84719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
84819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
84919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
85019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
85119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
85219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
85319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
85419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
85519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
85619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
85719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
85819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
85919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe860000 'C:\Windows\system32\SHLWAPI.dll'
86019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
86119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
86219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=profapi.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
86319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'profapi.dll' -> 'C:\Windows\system32\profapi.dll' [rcNt=0xc0150008]
86419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
86519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdba0000 'C:\Windows\system32\profapi.dll'
86619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=setupapi.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
86719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'setupapi.dll' -> 'C:\Windows\system32\setupapi.dll' [rcNt=0xc0150008]
86819b4.1b7c: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
86919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\setupapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
87019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
87119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
87219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
87319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
87419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
87519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
87619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
87719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)
87819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
87919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
88019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
88119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
88219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\devobj.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
88319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
88419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
88519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
88619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
88719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
88819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
88919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
89019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
89119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
89219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
89319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
89419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
89519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
89619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)
89719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
89819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
89919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
90019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
90119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
90219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
90319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
90419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
90519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
90619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
90719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
90819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
90919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
91019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
91119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
91219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
91319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
91419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
91519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
91619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
91719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
91819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
91919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
92019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
92119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
92219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
92319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
92419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
92519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
92619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
92719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
92819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
92919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
93019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
93119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
93219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
93319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
93419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
93519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
93619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
93719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
93819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
93919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
94019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
94119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
94219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
94319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ole32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
94419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
94519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
94619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
94719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
94819b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)
94919b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
95019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
95119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
95219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
95319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
95419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
95519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
95619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
95719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
95819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
95919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
96019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
96119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
96219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
96319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
96419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
96519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
96619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
96719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
96819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
96919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
97019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077520000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
97119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe410000 'C:\Windows\system32\setupapi.dll'
97219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=Cabinet.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
97319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'Cabinet.dll' -> 'C:\Windows\system32\Cabinet.dll' [rcNt=0xc0150008]
97419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cabinet.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
97519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\cabinet.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
97619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
97719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cabinet.dll)
97819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cabinet.dll
97919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
98019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
98119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
98219b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cabinet.dll [lacks WinVerifyTrust]
98319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5f0000 'C:\Windows\system32\Cabinet.dll'
98419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=DEVRTL.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
98519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'DEVRTL.dll' -> 'C:\Windows\system32\DEVRTL.dll' [rcNt=0xc0150008]
98619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\devrtl.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
98719b4.1b7c: \Device\HarddiskVolume2\Windows\System32\devrtl.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
98819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
98919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
99019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
99119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
99219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
99319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
99419b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [lacks WinVerifyTrust]
99519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf10000 'C:\Windows\system32\DEVRTL.dll'
99619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
99719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
99819b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
99919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa1b0000 'C:\Windows\system32\cryptnet.dll'
100019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
100119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000034cfd0
100219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
100319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=866DDB003158E58EECBEE1A3E2C950A8A69F5DD3
100419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
100519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
100619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
100719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-WIN-Service-Management-L1-1-0.dll'
100819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
100919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
101019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
101119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
101219b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
101319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdf70000 'C:\Windows\system32\ADVAPI32.dll'
101419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
101519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
101619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
101719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe050000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
101819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB2582203~31bf3856ad364e35~amd64~~6.1.2.0.cat'; file='\SystemRoot\System32\ntdll.dll'
101919b4.1b7c: g_pfnWinVerifyTrust=000007fefde01010
102019b4.1b7c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
102119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
102219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
102319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
102419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=182E6F79914D49DF28459DA814876FC993B84468
102519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_7_for_KB2615174~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
102619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
102719b4.1b7c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
102819b4.1b7c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
102919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
103019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
103119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
103219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBD5D88D100825A4A22743B0FD6EF53BF9B657CA
103319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
103419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
103519b4.1b7c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
103619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000404 pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
103719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
103819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
103919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
104019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
104119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
104219b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
104319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f4 pwszName=\Device\HarddiskVolume2\Windows\System32\cabinet.dll
104419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
104519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
104619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D1555851298EA005A2E9FEA027F5898BC240083
104719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cabinet.dll'
104819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
104919b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cabinet.dll'
105019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003bc pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
105119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
105219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
105319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=53E7F399C252FCB2432CF12AE186607A29B05C3B
105419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2545479~31bf3856ad364e35~amd64~~6.1.2.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
105519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
105619b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
105719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b8 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
105819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
105919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
106019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
106119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
106219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
106319b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
106419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b4 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
106519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
106619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
106719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1D7CC9111C6B5A59641FA11BE0A6A1841FEBBCD
106819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2564958~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
106919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107019b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
107119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b0 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
107219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
107319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
107419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
107519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2552343~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
107619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107719b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
107819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003ac pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
107919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
108019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
108119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=61D2F3383797A6102BF0451CEA866AA3B25A1E3F
108219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2619914~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
108319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
108419b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
108519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a0 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
108619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
108719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
108819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D2874423413B01B4F590C81C426758DC75648AC1
108919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_7_for_KB2641618~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
109019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109119b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
109219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000394 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
109319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
109419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
109519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AE6BC64AA0324B995BE4547BD6D73C4E25E26059
109619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2619880~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
109719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109819b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
109919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
110019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
110119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
110219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CA2FE16E05087DA5C24DC5EB2EE8053CDA5DE9A9
110319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
110419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
110519b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
110619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000025c pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
110719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
110819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
110919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
111019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
111119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
111219b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
111319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
111419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
111519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
111619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
111719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
111819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
111919b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
112019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
112119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
112219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
112319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FEBF1852D192776129DE4710CB4532A2C68E6045
112419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2600484~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
112519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
112619b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
112719b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
112819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
112919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
113019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
113119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
113219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
113319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
113419b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
113519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
113619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
113719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
113819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6346E2270FAE938CFE988BBF7992CC2F16FDD115
113919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2785220~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
114019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
114119b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
114219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
114319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
114419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
114519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6B384589D138616B3DBEAC42A8B650E961A30F8B
114619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2617157~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
114719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
114819b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
114919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
115019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
115119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
115219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
115319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
115419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
115519b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
115619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
115719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
115819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
115919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C3B6C4900AF128307B7F404C8B87D9E7709B2275
116019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2618517~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
116119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
116219b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
116319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
116419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
116519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
116619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A42DFBB8A3A26D2178D79D34DA1CE275E2A0BE37
116719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
116819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
116919b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
117019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
117119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
117219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
117319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=517060B6F77D7CE521D25C74F1334F818E554241
117419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2616332~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
117519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
117619b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
117719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
117819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
117919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
118019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=017D6732BF3C5BA133FC116F57D20B4FF549E1D9
118119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_225_for_KB2627489~31bf3856ad364e35~amd64~~6.1.3.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
118219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
118319b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
118419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
118519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
118619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
118719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F0A0F84DD55507C56A273E145872B7ECBEDE3F5
118819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2653956~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
118919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
119019b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
119119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
119219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
119319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
119419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E8B34FD6019C12A3AD997917482F677B142DEDBE
119519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB2790113~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
119619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
119719b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
119819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000118 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
119919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
120019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
120119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
120219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
120319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
120419b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
120519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000010c pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
120619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
120719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
120819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=462905914EA6B14B14AC7D6F2E4FC7460F1297EB
120919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2616386~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
121019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
121119b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
121219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000100 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
121319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
121419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
121519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D0911C2AAF9631336FC8A74BC5D44A9932CBD6D3
121619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2616386~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
121719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
121819b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
121919b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
122019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000fc pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
122119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
122219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
122319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
122419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
122519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
122619b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
122719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
122819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
122919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
123019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
123119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
123219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
123319b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
123419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
123519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
123619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
123719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57F023F98C5CD166C8F956C91DEF2FA6CFDCA2E9
123819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_7_for_KB2480994~31bf3856ad364e35~amd64~~6.1.2.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
123919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
124019b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
124119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d0 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
124219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
124319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
124419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0BF1CEBFCCC91A69A101A3E89AA84F6578572A78
124519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_63_for_KB2619234~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
124619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
124719b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
124819b4.1b7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
124919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=000000000033efc0:C:\Windows\system32
125019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
125119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc90000 'C:\Windows\system32\crypt32.dll'
125219b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
125319b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
125419b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
125519b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
125619b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
125719b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
125819b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
125919b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
126019b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
126119b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
126219b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
126319b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
126419b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
126519b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
126619b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
126719b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
126819b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
126919b4.1b7c: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
127019b4.1b7c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=18
127119b4.1b7c: SUPR3HardenedMain: Load Runtime...
127219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c68c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
127319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
127419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
127519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
127619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
127719b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
127819b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
127919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
128019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
128119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
128219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
128319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
128419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
128519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
128619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a8 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
128719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
128819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
128919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
129019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
129119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
129219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
129319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
129419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
129519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)WinVerifyTrust
129619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
129719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
129819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
129919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
130019b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
130119b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
130219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
130319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
130419b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
130519b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
130619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
130719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
130819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
130919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
131019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
131119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
131219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\nsi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
131319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004b8 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
131419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
131519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
131619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
131719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
131819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
131919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)WinVerifyTrust
132019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
132119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
132219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
132319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
132419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
132519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
132619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
132719b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
132819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
132919b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
133019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
133119b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
133219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
133319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
133419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
133519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
133619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
133719b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
133819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
133919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
134019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
134119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
134219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
134319b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
134419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
134519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
134619b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
134719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
134819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
134919b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
135019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
135119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
135219b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
135319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
135419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
135519b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
135619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
135719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
135819b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
135919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
136019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
136119b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
136219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
136319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
136419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
136519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
136619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
136719b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
136819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
136919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
137019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
137119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
137219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
137319b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
137419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
137519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
137619b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
137719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
137819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
137919b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
138019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
138119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
138219b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
138319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
138419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
138519b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
138619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
138719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
138819b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
138919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
139019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
139119b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
139219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
139319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
139419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
139519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
139619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
139719b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
139819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
139919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
140019b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
140119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
140219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
140319b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
140419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
140519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
140619b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
140719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
140819b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
140919b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
141019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141119b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
141219b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
141319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
141519b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
141619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
141719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
141819b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
141919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
142119b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
142219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000002c5ac0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
142419b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
142519b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142619b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef38d0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
142719b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=00000000005ffc70:C:\Windows\system32
142819b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
142919b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde00000 'C:\Windows\system32\Wintrust.dll'
143019b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=00000000005ffc70:C:\Windows\system32
143119b4.1b7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
143219b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdc90000 'C:\Windows\system32\crypt32.dll'
143319b4.1b7c: SUPR3HardenedMain: Load TrustedMain...
143419b4.1b7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll *pfFlags=0x0 pwszSearchPath=00000000002c68c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
143519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
143619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
143719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
143819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
143919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
144019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
144119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
144219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
144319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
144419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
144519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
144619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
144719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
144819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
144919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
145019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
145119b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
145219b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
145319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
145419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
145519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
145619b4.1b7c: \Device\HarddiskVolume2\Windows\System32\winmm.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
145719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
145819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
145919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
146019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1784364C88AA0D688F77B5F155A237A9A5826F3F
146119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2538047~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
146219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
146319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
146419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
146519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)WinVerifyTrust
146619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
146719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
146819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
146919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
147019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
147119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000504 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
147219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
147319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
147419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
147519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
147619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
147719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
147819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
147919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
148019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
148119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
148219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
148319b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)WinVerifyTrust
148419b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
148519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
148619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
148719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
148819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
148919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
149019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
149119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
149219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
149319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000508 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
149419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
149519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
149619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AAA26A59ACB8916CC8B81C3CCE996E7AD5930E20
149719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2691442~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
149819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
149919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
150019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
150119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
150219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
150319b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)WinVerifyTrust
150419b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
150519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
150619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
150719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
150819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
150919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
151019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
151119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
151219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
151319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
151419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
151519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll'
151619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
151719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
151819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
151919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
152019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
152119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
152219b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
152319b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
152419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
152519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll'
152619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
152719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
152819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
152919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
153019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
153119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
153219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
153319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
153419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
153519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
153619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
153719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
153819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
153919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
154019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
154119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
154219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
154319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
154419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
154519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
154619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
154719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
154819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
154919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
155019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
155119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
155219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
155319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
155419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
155519b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
155619b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
155719b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
155819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
155919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
156019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
156119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
156219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
156319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
156419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
156519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
156619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
156719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
156819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
156919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
157019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\opengl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
157119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000538 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
157219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
157319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
157419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
157519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
157619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
157719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
157819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
157919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
158019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
158119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
158219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
158319b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)WinVerifyTrust
158419b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
158519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
158619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
158719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
158819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
158919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
159019b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
159119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\ddraw.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
159219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000052c pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
159319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
159419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
159519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
159619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
159719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
159819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
159919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
160019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
160119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
160219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
160319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
160419b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)WinVerifyTrust
160519b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
160619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
160719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll'
160819b4.1b7c: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
160919b4.1b7c: \Device\HarddiskVolume2\Windows\System32\glu32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
161019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000528 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
161119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
161219b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
161319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E828B863A516A49953338306D078BFA6CC3CA490
161419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2466493~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
161519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
161619b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
161719b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
161819b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
161919b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)WinVerifyTrust
162019b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
162119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
162219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
162319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
162419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
162519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
162619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
162719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
162819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
162919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
163019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
163119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
163219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
163319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
163419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
163519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
163619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
163719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
163819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
163919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
164019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
164119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
164219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
164319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
164419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
164519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
164619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
164719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
164819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
164919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
165019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
165119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
165219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
165319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
165419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
165519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
165619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
165719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
165819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
165919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
166019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
166119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
166219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
166319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
166419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
166519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
166619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
166719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
166819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
166919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
167019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv'
167119b4.1b7c: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
167219b4.1b7c: \Device\HarddiskVolume2\Windows\System32\winspool.drv: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
167319b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000534 pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
167419b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
167519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
167619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00BDDD44BABBCB727197D19CDB20F70547BD1958
167719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_7_for_KB2542200~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
167819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
167919b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
168019b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
168119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
168219b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)WinVerifyTrust
168319b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
168419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
168519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
168619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
168719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
168819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
168919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
169019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
169119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
169219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
169319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
169419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
169519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
169619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
169719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
169819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
169919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
170019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
170119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
170219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
170319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
170419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
170519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
170619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
170719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
170819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
170919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
171019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
171119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
171219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
171319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
171419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
171519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
171619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
171719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
171819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
171919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
172019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
172119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
172219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
172319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
172419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
172519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
172619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
172719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
172819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
172919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
173019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
173119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
173219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
173319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
173419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
173519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
173619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
173719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
173819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
173919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
174019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
174119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
174219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
174319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
174419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\comctl32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
174519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000520 pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
174619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
174719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
174819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4D3B2DA266DE92D9E1311E30C810160CDC5BD5AA
174919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
175019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
175119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
175219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
175319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
175419b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)WinVerifyTrust
175519b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
175619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
175719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
175819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
175919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
176019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
176119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
176219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
176319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
176419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
176519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
176619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
176719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
176819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
176919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
177019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
177119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
177219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
177319b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
177419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
177519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
177619b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
177719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
177819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
177919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
178019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
178119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
178219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
178319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
178419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
178519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
178619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
178719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
178819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
178919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
179019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
179119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
179219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
179319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
179419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
179519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
179619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
179719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
179819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
179919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
180019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
180119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
180219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
180319b4.1b7c: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
180419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
180519b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000554 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
180619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
180719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
180819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
180919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
181019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
181119b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
181219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
181319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
181419b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)WinVerifyTrust
181519b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
181619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
181719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
181819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
181919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
182019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
182119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
182219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
182319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
182419b4.1b7c: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
182519b4.1b7c: \Device\HarddiskVolume2\Windows\System32\dciman32.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
182619b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000550 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
182719b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000034cfd0
182819b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000034cfd0
182919b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3FEC714D729F7CAEB9B7A25E2012B6A6E9007F5
183019b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
183119b4.1b7c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
183219b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
183319b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
183419b4.1b7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
183519b4.1b7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)WinVerifyTrust
183619b4.1b7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
183719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
183819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
183919b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
184019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
184119b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
184219b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
184319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
184419b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
184519b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
184619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
184719b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
184819b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
184919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
185019b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
185119b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
185219b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
185319b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
185419b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
185519b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
185619b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
185719b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
185819b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
185919b4.1b7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
186019b4.1b7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
186119b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
186219b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
186319b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
186419b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
186519b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
186619b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
186719b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
186819b4.1b7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
186919b4.1b7c: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: Owner is not trusted installer (01 05 00 00 00 00 00 05 15 00 00 00 15 1a 7e 79 15 ff 30 e4 6a 96 d7 de e8 03 00 00)
187019b4.1b7c: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll)
187119b4.1b7c: Error (rc=0):
187219b4.1b7c: supR3HardenedScreenImage/NtCreateSection: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0xf fAccess=0x10 \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll'.
187319b4.1b7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
187419b4.1b7c: Fatal error:
187519b4.1b7c: supR3HardenedMainGetTrustedMain: LoadLibrary "C:\Program Files\Oracle\VirtualBox/VirtualBox.dll" failed, rc=1790
18761900.1b10: supR3HardenedWinDoReSpawn(2): Quitting: ExitCode=0x1 rcNt=0x0
1877e54.10c: supR3HardenedWinDoReSpawn(1): Quitting: ExitCode=0x1 rcNt=0x0

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy