VirtualBox

Ticket #13583: VBoxStartup.log

File VBoxStartup.log, 340.1 KB (added by neilo, 10 years ago)

VBoxStartup.log

Line 
1191c.2148: Log file opened: 4.3.18r96516 g_hStartupLog=000000000000002c g_uNtVerCombined=0x611db110
2191c.2148: \SystemRoot\System32\ntdll.dll:
3191c.2148: CreationTime: 2013-11-03T11:01:59.244738900Z
4191c.2148: LastWriteTime: 2013-11-03T11:01:59.245738400Z
5191c.2148: ChangeTime: 2014-08-29T00:39:59.836030300Z
6191c.2148: FileAttributes: 0x20
7191c.2148: Size: 0x1a6dc0
8191c.2148: NT Headers: 0xe0
9191c.2148: Timestamp: 0x521eaf24
10191c.2148: Machine: 0x8664 - amd64
11191c.2148: Timestamp: 0x521eaf24
12191c.2148: Image Version: 6.1
13191c.2148: SizeOfImage: 0x1a9000 (1740800)
14191c.2148: Resource Dir: 0x151000 LB 0x560d8
15191c.2148: ProductName: Microsoft® Windows® Operating System
16191c.2148: ProductVersion: 6.1.7601.18247
17191c.2148: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
18191c.2148: FileDescription: NT Layer DLL
19191c.2148: \SystemRoot\System32\kernel32.dll:
20191c.2148: CreationTime: 2014-07-10T06:14:03.134341500Z
21191c.2148: LastWriteTime: 2014-07-10T06:14:03.136351000Z
22191c.2148: ChangeTime: 2014-08-29T00:41:06.912595100Z
23191c.2148: FileAttributes: 0x20
24191c.2148: Size: 0x11c000
25191c.2148: NT Headers: 0xe8
26191c.2148: Timestamp: 0x5315a059
27191c.2148: Machine: 0x8664 - amd64
28191c.2148: Timestamp: 0x5315a059
29191c.2148: Image Version: 6.1
30191c.2148: SizeOfImage: 0x11f000 (1175552)
31191c.2148: Resource Dir: 0x116000 LB 0x528
32191c.2148: ProductName: Microsoft® Windows® Operating System
33191c.2148: ProductVersion: 6.1.7601.18409
34191c.2148: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
35191c.2148: FileDescription: Windows NT BASE API Client DLL
36191c.2148: \SystemRoot\System32\KernelBase.dll:
37191c.2148: CreationTime: 2014-07-10T06:20:11.693506000Z
38191c.2148: LastWriteTime: 2014-07-10T06:20:11.695512700Z
39191c.2148: ChangeTime: 2014-08-29T00:41:06.928219900Z
40191c.2148: FileAttributes: 0x20
41191c.2148: Size: 0x67c00
42191c.2148: NT Headers: 0xe8
43191c.2148: Timestamp: 0x5315a05a
44191c.2148: Machine: 0x8664 - amd64
45191c.2148: Timestamp: 0x5315a05a
46191c.2148: Image Version: 6.1
47191c.2148: SizeOfImage: 0x6c000 (442368)
48191c.2148: Resource Dir: 0x6a000 LB 0x530
49191c.2148: ProductName: Microsoft® Windows® Operating System
50191c.2148: ProductVersion: 6.1.7601.18409
51191c.2148: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
52191c.2148: FileDescription: Windows NT BASE API Client DLL
53191c.2148: \SystemRoot\System32\apisetschema.dll:
54191c.2148: CreationTime: 2013-10-15T05:09:13.656534900Z
55191c.2148: LastWriteTime: 2013-10-15T05:09:13.657535900Z
56191c.2148: ChangeTime: 2014-08-29T00:39:54.393257000Z
57191c.2148: FileAttributes: 0x20
58191c.2148: Size: 0x1a00
59191c.2148: NT Headers: 0xc0
60191c.2148: Timestamp: 0x51fb15ca
61191c.2148: Machine: 0x8664 - amd64
62191c.2148: Timestamp: 0x51fb15ca
63191c.2148: Image Version: 6.1
64191c.2148: SizeOfImage: 0x50000 (327680)
65191c.2148: Resource Dir: 0x30000 LB 0x3f8
66191c.2148: ProductName: Microsoft® Windows® Operating System
67191c.2148: ProductVersion: 6.1.7601.18229
68191c.2148: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
69191c.2148: FileDescription: ApiSet Schema DLL
70191c.2148: Found driver SymNetS (0x2)
71191c.2148: Found driver SymDS (0x2)
72191c.2148: Found driver SRTSPX (0x2)
73191c.2148: Found driver SymEvent (0x2)
74191c.2148: Found driver SymIRON (0x2)
75191c.2148: supR3HardenedWinFindAdversaries: 0x2
76191c.2148: \SystemRoot\System32\drivers\SysPlant.sys:
77191c.2148: CreationTime: 2014-08-29T01:01:43.659507100Z
78191c.2148: LastWriteTime: 2014-09-02T16:54:35.552810700Z
79191c.2148: ChangeTime: 2014-09-02T16:54:35.552810700Z
80191c.2148: FileAttributes: 0x20
81191c.2148: Size: 0x25d18
82191c.2148: NT Headers: 0xf8
83191c.2148: Timestamp: 0x509521f1
84191c.2148: Machine: 0x8664 - amd64
85191c.2148: Timestamp: 0x509521f1
86191c.2148: Image Version: 5.0
87191c.2148: SizeOfImage: 0x2d000 (184320)
88191c.2148: Resource Dir: 0x2b000 LB 0x498
89191c.2148: ProductName: Symantec CMC Firewall
90191c.2148: ProductVersion: 12.1.2015.2015
91191c.2148: FileVersion: 12.1.2015.2015
92191c.2148: FileDescription: Symantec CMC Firewall SysPlant
93191c.2148: \SystemRoot\System32\sysfer.dll:
94191c.2148: CreationTime: 2014-08-29T01:01:43.659507100Z
95191c.2148: LastWriteTime: 2014-09-02T16:54:35.552810700Z
96191c.2148: ChangeTime: 2014-09-02T16:54:35.552810700Z
97191c.2148: FileAttributes: 0x20
98191c.2148: Size: 0x6ffd0
99191c.2148: NT Headers: 0xe8
100191c.2148: Timestamp: 0x5095227d
101191c.2148: Machine: 0x8664 - amd64
102191c.2148: Timestamp: 0x5095227d
103191c.2148: Image Version: 0.0
104191c.2148: SizeOfImage: 0x87000 (552960)
105191c.2148: Resource Dir: 0x85000 LB 0x630
106191c.2148: ProductName: Symantec CMC Firewall
107191c.2148: ProductVersion: 12.1.2015.2015
108191c.2148: FileVersion: 12.1.2015.2015
109191c.2148: FileDescription: Symantec CMC Firewall sysfer
110191c.2148: \SystemRoot\System32\sysferThunk.dll:
111191c.2148: CreationTime: 2014-08-29T01:01:43.659507100Z
112191c.2148: LastWriteTime: 2014-09-02T16:54:35.552810700Z
113191c.2148: ChangeTime: 2014-09-02T16:54:35.552810700Z
114191c.2148: FileAttributes: 0x20
115191c.2148: Size: 0x2dd0
116191c.2148: NT Headers: 0xd0
117191c.2148: Timestamp: 0x5095227e
118191c.2148: Machine: 0x8664 - amd64
119191c.2148: Timestamp: 0x5095227e
120191c.2148: Image Version: 0.0
121191c.2148: SizeOfImage: 0x8000 (32768)
122191c.2148: Resource Dir: 0x6000 LB 0x648
123191c.2148: ProductName: Symantec CMC Firewall
124191c.2148: ProductVersion: 12.1.2015.2015
125191c.2148: FileVersion: 12.1.2015.2015
126191c.2148: FileDescription: Symantec CMC Firewall SysferThunk
127191c.2148: \SystemRoot\System32\drivers\symevent64x86.sys:
128191c.2148: CreationTime: 2014-08-29T01:01:56.670324100Z
129191c.2148: LastWriteTime: 2014-09-02T16:54:02.671596400Z
130191c.2148: ChangeTime: 2014-09-02T16:54:02.671596400Z
131191c.2148: FileAttributes: 0x20
132191c.2148: Size: 0x2b4a0
133191c.2148: NT Headers: 0xe8
134191c.2148: Timestamp: 0x50346f1e
135191c.2148: Machine: 0x8664 - amd64
136191c.2148: Timestamp: 0x50346f1e
137191c.2148: Image Version: 6.0
138191c.2148: SizeOfImage: 0x38000 (229376)
139191c.2148: Resource Dir: 0x36000 LB 0x3c8
140191c.2148: ProductName: SYMEVENT
141191c.2148: ProductVersion: 12.9.3.1
142191c.2148: FileVersion: 12.9.3.1
143191c.2148: FileDescription: Symantec Event Library
144191c.2148: Calling main()
145191c.2148: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
146191c.2148: SUPR3HardenedMain: Respawn #1
147191c.2148: System32: \Device\HarddiskVolume2\Windows\System32
148191c.2148: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
149191c.2148: KnownDllPath: C:\WINDOWS\system32
150191c.2148: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
151191c.2148: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
152191c.2148: supR3HardNtEnableThreadCreation:
153191c.2148: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ec340 pvNtTerminateThread=00000000779117e0
154191c.2148: supR3HardenedWinDoReSpawn(1): New child 4fc.22ec [kernel32].
155191c.2148: supR3HardNtChildGatherData: PebBaseAddress=000007fffffde000 cbPeb=0x380
156191c.2148: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000778c0000 uNtDllChildAddr=00000000778c0000
157191c.2148: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000778ec340
158191c.2148: supR3HardenedWinSetupChildInit: Start child.
159191c.2148: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
160191c.2148: supR3HardNtChildPurify: Startup delay kludge #1/0: 522 ms, 52 sleeps
161191c.2148: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
162191c.2148: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
163191c.2148: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
164191c.2148: *0000000000030000-0000000000027fff 0x0040/0x0040 0x0020000 !!
165191c.2148: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000000030000 (0000000000030000 LB 0x8000)
166191c.2148: 0000000000038000-000000000002ffff 0x0001/0x0000 0x0000000
167191c.2148: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
168191c.2148: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
169191c.2148: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
170191c.2148: 0000000000051000-ffffffffffee1fff 0x0001/0x0000 0x0000000
171191c.2148: *00000000001c0000-00000000000c3fff 0x0000/0x0004 0x0020000
172191c.2148: 00000000002bc000-00000000002b8fff 0x0104/0x0004 0x0020000
173191c.2148: 00000000002bf000-00000000002bdfff 0x0004/0x0004 0x0020000
174191c.2148: 00000000002c0000-ffffffff88cbffff 0x0001/0x0000 0x0000000
175191c.2148: *00000000778c0000-00000000778befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
176191c.2148: 00000000778c1000-00000000777befff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
177191c.2148: 00000000779c3000-0000000077993fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
178191c.2148: 00000000779f2000-00000000779e9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
179191c.2148: 00000000779fa000-00000000779f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
180191c.2148: 00000000779fb000-00000000779f7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
181191c.2148: 00000000779fe000-0000000077992fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
182191c.2148: 0000000077a69000-00000000704f1fff 0x0001/0x0000 0x0000000
183191c.2148: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
184191c.2148: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
185191c.2148: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
186191c.2148: 000000007fff0000-ffffffffc051ffff 0x0001/0x0000 0x0000000
187191c.2148: *000000013fac0000-000000013fabefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
188191c.2148: 000000013fac1000-000000013fa3cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
189191c.2148: 000000013fb45000-000000013fb43fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
190191c.2148: 000000013fb46000-000000013fb08fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
191191c.2148: 000000013fb83000-000000013fb81fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
192191c.2148: 000000013fb84000-000000013fb82fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
193191c.2148: 000000013fb85000-000000013fb82fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
194191c.2148: 000000013fb87000-000000013fb85fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
195191c.2148: 000000013fb88000-000000013fb86fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
196191c.2148: 000000013fb89000-000000013fb84fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
197191c.2148: 000000013fb8d000-000000013fb53fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
198191c.2148: 000000013fbc6000-fffff8037fbabfff 0x0001/0x0000 0x0000000
199191c.2148: *000007feffbe0000-000007feffbdefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
200191c.2148: 000007feffbe1000-000007fdff811fff 0x0001/0x0000 0x0000000
201191c.2148: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
202191c.2148: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
203191c.2148: *000007fffffdc000-000007fffffd9fff 0x0004/0x0004 0x0020000
204191c.2148: *000007fffffde000-000007fffffdcfff 0x0004/0x0004 0x0020000
205191c.2148: 000007fffffdf000-000007fffffddfff 0x0001/0x0000 0x0000000
206191c.2148: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
207191c.2148: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
208191c.2148: VBoxHeadless.exe: timestamp 0x5439147b (rc=VINF_SUCCESS)
209191c.2148: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
210191c.2148: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
211191c.2148: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
212191c.2148: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x2 cPatchCount=0
213191c.2148: supR3HardNtChildPurify: Startup delay kludge #1/1: 520 ms, 52 sleeps
214191c.2148: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
215191c.2148: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
216191c.2148: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
217191c.2148: 0000000000030000-000000000001ffff 0x0001/0x0000 0x0000000
218191c.2148: *0000000000040000-000000000003bfff 0x0002/0x0002 0x0040000
219191c.2148: 0000000000044000-0000000000037fff 0x0001/0x0000 0x0000000
220191c.2148: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
221191c.2148: 0000000000051000-ffffffffffee1fff 0x0001/0x0000 0x0000000
222191c.2148: *00000000001c0000-00000000000c3fff 0x0000/0x0004 0x0020000
223191c.2148: 00000000002bc000-00000000002b8fff 0x0104/0x0004 0x0020000
224191c.2148: 00000000002bf000-00000000002bdfff 0x0004/0x0004 0x0020000
225191c.2148: 00000000002c0000-ffffffff88cbffff 0x0001/0x0000 0x0000000
226191c.2148: *00000000778c0000-00000000778befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
227191c.2148: 00000000778c1000-00000000777befff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
228191c.2148: 00000000779c3000-0000000077993fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
229191c.2148: 00000000779f2000-00000000779e9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
230191c.2148: 00000000779fa000-00000000779f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
231191c.2148: 00000000779fb000-00000000779f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
232191c.2148: 00000000779fc000-00000000779f9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
233191c.2148: 00000000779fe000-0000000077992fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
234191c.2148: 0000000077a69000-00000000704f1fff 0x0001/0x0000 0x0000000
235191c.2148: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
236191c.2148: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
237191c.2148: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
238191c.2148: 000000007fff0000-ffffffffc051ffff 0x0001/0x0000 0x0000000
239191c.2148: *000000013fac0000-000000013fabefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
240191c.2148: 000000013fac1000-000000013fa3cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
241191c.2148: 000000013fb45000-000000013fb43fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
242191c.2148: 000000013fb46000-000000013fb08fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
243191c.2148: 000000013fb83000-000000013fb78fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
244191c.2148: 000000013fb8d000-000000013fb53fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
245191c.2148: 000000013fbc6000-fffff8037fbabfff 0x0001/0x0000 0x0000000
246191c.2148: *000007feffbe0000-000007feffbdefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
247191c.2148: 000007feffbe1000-000007fdff811fff 0x0001/0x0000 0x0000000
248191c.2148: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
249191c.2148: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
250191c.2148: *000007fffffdc000-000007fffffd9fff 0x0004/0x0004 0x0020000
251191c.2148: *000007fffffde000-000007fffffdcfff 0x0004/0x0004 0x0020000
252191c.2148: 000007fffffdf000-000007fffffddfff 0x0001/0x0000 0x0000000
253191c.2148: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
254191c.2148: supR3HardNtChildPurify: Done after 1092 ms and 1 fixes (loop #1).
255191c.2148: supR3HardNtEnableThreadCreation:
2564fc.22ec: Log file opened: 4.3.18r96516 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
2574fc.22ec: supR3HardenedVmProcessInit: uNtDllAddr=00000000778c0000
2584fc.22ec: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
2594fc.22ec: New simple heap: #1 00000000002c0000 LB 0x400000 (for 1740800 allocation)
2604fc.22ec: System32: \Device\HarddiskVolume2\Windows\System32
2614fc.22ec: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
2624fc.22ec: KnownDllPath: C:\WINDOWS\system32
2634fc.22ec: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2644fc.22ec: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2654fc.22ec: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2664fc.22ec: Registered Dll notification callback with NTDLL.
2674fc.22ec: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\WINDOWS\system32\kernel32.dll' [rcNt=0xc0150008]
2684fc.22ec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
2694fc.22ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2704fc.22ec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2714fc.22ec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2724fc.22ec: supR3HardenedDllNotificationCallback: load 00000000777a0000 LB 0x0011f000 C:\WINDOWS\system32\kernel32.dll [fFlags=0x0]
2734fc.22ec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2744fc.22ec: supR3HardenedDllNotificationCallback: load 000007fefd990000 LB 0x0006c000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
2754fc.22ec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
2764fc.22ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2774fc.22ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000777a0000 'C:\WINDOWS\system32\kernel32.dll'
2784fc.22ec: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ec340 pvNtTerminateThread=00000000779117e0
279191c.2148: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 60 ms.
2804fc.22ec: \SystemRoot\System32\ntdll.dll:
2814fc.22ec: CreationTime: 2013-11-03T11:01:59.244738900Z
2824fc.22ec: LastWriteTime: 2013-11-03T11:01:59.245738400Z
2834fc.22ec: ChangeTime: 2014-08-29T00:39:59.836030300Z
2844fc.22ec: FileAttributes: 0x20
2854fc.22ec: Size: 0x1a6dc0
2864fc.22ec: NT Headers: 0xe0
2874fc.22ec: Timestamp: 0x521eaf24
2884fc.22ec: Machine: 0x8664 - amd64
2894fc.22ec: Timestamp: 0x521eaf24
2904fc.22ec: Image Version: 6.1
2914fc.22ec: SizeOfImage: 0x1a9000 (1740800)
2924fc.22ec: Resource Dir: 0x151000 LB 0x560d8
2934fc.22ec: ProductName: Microsoft® Windows® Operating System
2944fc.22ec: ProductVersion: 6.1.7601.18247
2954fc.22ec: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
2964fc.22ec: FileDescription: NT Layer DLL
2974fc.22ec: \SystemRoot\System32\kernel32.dll:
2984fc.22ec: CreationTime: 2014-07-10T06:14:03.134341500Z
2994fc.22ec: LastWriteTime: 2014-07-10T06:14:03.136351000Z
3004fc.22ec: ChangeTime: 2014-08-29T00:41:06.912595100Z
3014fc.22ec: FileAttributes: 0x20
3024fc.22ec: Size: 0x11c000
3034fc.22ec: NT Headers: 0xe8
3044fc.22ec: Timestamp: 0x5315a059
3054fc.22ec: Machine: 0x8664 - amd64
3064fc.22ec: Timestamp: 0x5315a059
3074fc.22ec: Image Version: 6.1
3084fc.22ec: SizeOfImage: 0x11f000 (1175552)
3094fc.22ec: Resource Dir: 0x116000 LB 0x528
3104fc.22ec: ProductName: Microsoft® Windows® Operating System
3114fc.22ec: ProductVersion: 6.1.7601.18409
3124fc.22ec: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3134fc.22ec: FileDescription: Windows NT BASE API Client DLL
3144fc.22ec: \SystemRoot\System32\KernelBase.dll:
3154fc.22ec: CreationTime: 2014-07-10T06:20:11.693506000Z
3164fc.22ec: LastWriteTime: 2014-07-10T06:20:11.695512700Z
3174fc.22ec: ChangeTime: 2014-08-29T00:41:06.928219900Z
3184fc.22ec: FileAttributes: 0x20
3194fc.22ec: Size: 0x67c00
3204fc.22ec: NT Headers: 0xe8
3214fc.22ec: Timestamp: 0x5315a05a
3224fc.22ec: Machine: 0x8664 - amd64
3234fc.22ec: Timestamp: 0x5315a05a
3244fc.22ec: Image Version: 6.1
3254fc.22ec: SizeOfImage: 0x6c000 (442368)
3264fc.22ec: Resource Dir: 0x6a000 LB 0x530
3274fc.22ec: ProductName: Microsoft® Windows® Operating System
3284fc.22ec: ProductVersion: 6.1.7601.18409
3294fc.22ec: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3304fc.22ec: FileDescription: Windows NT BASE API Client DLL
3314fc.22ec: \SystemRoot\System32\apisetschema.dll:
3324fc.22ec: CreationTime: 2013-10-15T05:09:13.656534900Z
3334fc.22ec: LastWriteTime: 2013-10-15T05:09:13.657535900Z
3344fc.22ec: ChangeTime: 2014-08-29T00:39:54.393257000Z
3354fc.22ec: FileAttributes: 0x20
3364fc.22ec: Size: 0x1a00
3374fc.22ec: NT Headers: 0xc0
3384fc.22ec: Timestamp: 0x51fb15ca
3394fc.22ec: Machine: 0x8664 - amd64
3404fc.22ec: Timestamp: 0x51fb15ca
3414fc.22ec: Image Version: 6.1
3424fc.22ec: SizeOfImage: 0x50000 (327680)
3434fc.22ec: Resource Dir: 0x30000 LB 0x3f8
3444fc.22ec: ProductName: Microsoft® Windows® Operating System
3454fc.22ec: ProductVersion: 6.1.7601.18229
3464fc.22ec: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3474fc.22ec: FileDescription: ApiSet Schema DLL
3484fc.22ec: Found driver SymNetS (0x2)
3494fc.22ec: Found driver SymDS (0x2)
3504fc.22ec: Found driver SRTSPX (0x2)
3514fc.22ec: Found driver SymEvent (0x2)
3524fc.22ec: Found driver SymIRON (0x2)
3534fc.22ec: supR3HardenedWinFindAdversaries: 0x2
3544fc.22ec: \SystemRoot\System32\drivers\SysPlant.sys:
3554fc.22ec: CreationTime: 2014-08-29T01:01:43.659507100Z
3564fc.22ec: LastWriteTime: 2014-09-02T16:54:35.552810700Z
3574fc.22ec: ChangeTime: 2014-09-02T16:54:35.552810700Z
3584fc.22ec: FileAttributes: 0x20
3594fc.22ec: Size: 0x25d18
3604fc.22ec: NT Headers: 0xf8
3614fc.22ec: Timestamp: 0x509521f1
3624fc.22ec: Machine: 0x8664 - amd64
3634fc.22ec: Timestamp: 0x509521f1
3644fc.22ec: Image Version: 5.0
3654fc.22ec: SizeOfImage: 0x2d000 (184320)
3664fc.22ec: Resource Dir: 0x2b000 LB 0x498
3674fc.22ec: ProductName: Symantec CMC Firewall
3684fc.22ec: ProductVersion: 12.1.2015.2015
3694fc.22ec: FileVersion: 12.1.2015.2015
3704fc.22ec: FileDescription: Symantec CMC Firewall SysPlant
3714fc.22ec: \SystemRoot\System32\sysfer.dll:
3724fc.22ec: CreationTime: 2014-08-29T01:01:43.659507100Z
3734fc.22ec: LastWriteTime: 2014-09-02T16:54:35.552810700Z
3744fc.22ec: ChangeTime: 2014-09-02T16:54:35.552810700Z
3754fc.22ec: FileAttributes: 0x20
3764fc.22ec: Size: 0x6ffd0
3774fc.22ec: NT Headers: 0xe8
3784fc.22ec: Timestamp: 0x5095227d
3794fc.22ec: Machine: 0x8664 - amd64
3804fc.22ec: Timestamp: 0x5095227d
3814fc.22ec: Image Version: 0.0
3824fc.22ec: SizeOfImage: 0x87000 (552960)
3834fc.22ec: Resource Dir: 0x85000 LB 0x630
3844fc.22ec: ProductName: Symantec CMC Firewall
3854fc.22ec: ProductVersion: 12.1.2015.2015
3864fc.22ec: FileVersion: 12.1.2015.2015
3874fc.22ec: FileDescription: Symantec CMC Firewall sysfer
3884fc.22ec: \SystemRoot\System32\sysferThunk.dll:
3894fc.22ec: CreationTime: 2014-08-29T01:01:43.659507100Z
3904fc.22ec: LastWriteTime: 2014-09-02T16:54:35.552810700Z
3914fc.22ec: ChangeTime: 2014-09-02T16:54:35.552810700Z
3924fc.22ec: FileAttributes: 0x20
3934fc.22ec: Size: 0x2dd0
3944fc.22ec: NT Headers: 0xd0
3954fc.22ec: Timestamp: 0x5095227e
3964fc.22ec: Machine: 0x8664 - amd64
3974fc.22ec: Timestamp: 0x5095227e
3984fc.22ec: Image Version: 0.0
3994fc.22ec: SizeOfImage: 0x8000 (32768)
4004fc.22ec: Resource Dir: 0x6000 LB 0x648
4014fc.22ec: ProductName: Symantec CMC Firewall
4024fc.22ec: ProductVersion: 12.1.2015.2015
4034fc.22ec: FileVersion: 12.1.2015.2015
4044fc.22ec: FileDescription: Symantec CMC Firewall SysferThunk
4054fc.22ec: \SystemRoot\System32\drivers\symevent64x86.sys:
4064fc.22ec: CreationTime: 2014-08-29T01:01:56.670324100Z
4074fc.22ec: LastWriteTime: 2014-09-02T16:54:02.671596400Z
4084fc.22ec: ChangeTime: 2014-09-02T16:54:02.671596400Z
4094fc.22ec: FileAttributes: 0x20
4104fc.22ec: Size: 0x2b4a0
4114fc.22ec: NT Headers: 0xe8
4124fc.22ec: Timestamp: 0x50346f1e
4134fc.22ec: Machine: 0x8664 - amd64
4144fc.22ec: Timestamp: 0x50346f1e
4154fc.22ec: Image Version: 6.0
4164fc.22ec: SizeOfImage: 0x38000 (229376)
4174fc.22ec: Resource Dir: 0x36000 LB 0x3c8
4184fc.22ec: ProductName: SYMEVENT
4194fc.22ec: ProductVersion: 12.9.3.1
4204fc.22ec: FileVersion: 12.9.3.1
4214fc.22ec: FileDescription: Symantec Event Library
4224fc.22ec: Calling main()
4234fc.22ec: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
4244fc.22ec: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
4254fc.22ec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
4264fc.22ec: SUPR3HardenedMain: Respawn #2
4274fc.22ec: supR3HardNtEnableThreadCreation:
4284fc.22ec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
4294fc.22ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
4304fc.22ec: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4314fc.22ec: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4324fc.22ec: supR3HardenedDllNotificationCallback: load 000007fefd500000 LB 0x00057000 C:\WINDOWS\system32\apphelp.dll [fFlags=0x0]
4334fc.22ec: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4344fc.22ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd500000 'C:\WINDOWS\system32\apphelp.dll'
4354fc.22ec: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ec340 pvNtTerminateThread=00000000779117e0
4364fc.22ec: supR3HardenedWinDoReSpawn(2): New child 1398.11c4 [kernel32].
4374fc.22ec: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
4384fc.22ec: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000778c0000 uNtDllChildAddr=00000000778c0000
4394fc.22ec: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000778ec340
4404fc.22ec: supR3HardenedWinSetupChildInit: Start child.
4414fc.22ec: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
4424fc.22ec: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 52 sleeps
4434fc.22ec: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4444fc.22ec: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
4454fc.22ec: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
4464fc.22ec: *0000000000030000-fffffffffff33fff 0x0000/0x0004 0x0020000
4474fc.22ec: 000000000012c000-0000000000128fff 0x0104/0x0004 0x0020000
4484fc.22ec: 000000000012f000-000000000012dfff 0x0004/0x0004 0x0020000
4494fc.22ec: *0000000000130000-0000000000127fff 0x0040/0x0040 0x0020000 !!
4504fc.22ec: supHardNtVpScanVirtualMemory: Freeing exec mem at 0000000000130000 (0000000000130000 LB 0x8000)
4514fc.22ec: 0000000000138000-000000000012ffff 0x0001/0x0000 0x0000000
4524fc.22ec: *0000000000140000-000000000013bfff 0x0002/0x0002 0x0040000
4534fc.22ec: 0000000000144000-0000000000137fff 0x0001/0x0000 0x0000000
4544fc.22ec: *0000000000150000-000000000014efff 0x0004/0x0004 0x0020000
4554fc.22ec: 0000000000151000-ffffffff889e1fff 0x0001/0x0000 0x0000000
4564fc.22ec: *00000000778c0000-00000000778befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4574fc.22ec: 00000000778c1000-00000000777befff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4584fc.22ec: 00000000779c3000-0000000077993fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4594fc.22ec: 00000000779f2000-00000000779e9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4604fc.22ec: 00000000779fa000-00000000779f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4614fc.22ec: 00000000779fb000-00000000779f7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4624fc.22ec: 00000000779fe000-0000000077992fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4634fc.22ec: 0000000077a69000-00000000704f1fff 0x0001/0x0000 0x0000000
4644fc.22ec: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
4654fc.22ec: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
4664fc.22ec: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
4674fc.22ec: 000000007fff0000-ffffffffc051ffff 0x0001/0x0000 0x0000000
4684fc.22ec: *000000013fac0000-000000013fabefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4694fc.22ec: 000000013fac1000-000000013fa3cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4704fc.22ec: 000000013fb45000-000000013fb43fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4714fc.22ec: 000000013fb46000-000000013fb08fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4724fc.22ec: 000000013fb83000-000000013fb81fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4734fc.22ec: 000000013fb84000-000000013fb82fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4744fc.22ec: 000000013fb85000-000000013fb82fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4754fc.22ec: 000000013fb87000-000000013fb85fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4764fc.22ec: 000000013fb88000-000000013fb86fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4774fc.22ec: 000000013fb89000-000000013fb84fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4784fc.22ec: 000000013fb8d000-000000013fb53fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4794fc.22ec: 000000013fbc6000-fffff8037fbabfff 0x0001/0x0000 0x0000000
4804fc.22ec: *000007feffbe0000-000007feffbdefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
4814fc.22ec: 000007feffbe1000-000007fdff811fff 0x0001/0x0000 0x0000000
4824fc.22ec: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
4834fc.22ec: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
4844fc.22ec: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
4854fc.22ec: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
4864fc.22ec: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
4874fc.22ec: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
4884fc.22ec: VBoxHeadless.exe: timestamp 0x5439147b (rc=VINF_SUCCESS)
4894fc.22ec: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
4904fc.22ec: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
4914fc.22ec: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
4924fc.22ec: supR3HardNtChildPurify: cFixes=1 g_fSupAdversaries=0x2 cPatchCount=0
4934fc.22ec: supR3HardNtChildPurify: Startup delay kludge #1/1: 520 ms, 50 sleeps
4944fc.22ec: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4954fc.22ec: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
4964fc.22ec: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
4974fc.22ec: *0000000000030000-fffffffffff33fff 0x0000/0x0004 0x0020000
4984fc.22ec: 000000000012c000-0000000000128fff 0x0104/0x0004 0x0020000
4994fc.22ec: 000000000012f000-000000000012dfff 0x0004/0x0004 0x0020000
5004fc.22ec: 0000000000130000-000000000011ffff 0x0001/0x0000 0x0000000
5014fc.22ec: *0000000000140000-000000000013bfff 0x0002/0x0002 0x0040000
5024fc.22ec: 0000000000144000-0000000000137fff 0x0001/0x0000 0x0000000
5034fc.22ec: *0000000000150000-000000000014efff 0x0004/0x0004 0x0020000
5044fc.22ec: 0000000000151000-ffffffff889e1fff 0x0001/0x0000 0x0000000
5054fc.22ec: *00000000778c0000-00000000778befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5064fc.22ec: 00000000778c1000-00000000777befff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5074fc.22ec: 00000000779c3000-0000000077993fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5084fc.22ec: 00000000779f2000-00000000779e9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5094fc.22ec: 00000000779fa000-00000000779f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5104fc.22ec: 00000000779fb000-00000000779f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5114fc.22ec: 00000000779fc000-00000000779f9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5124fc.22ec: 00000000779fe000-0000000077992fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
5134fc.22ec: 0000000077a69000-00000000704f1fff 0x0001/0x0000 0x0000000
5144fc.22ec: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
5154fc.22ec: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
5164fc.22ec: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
5174fc.22ec: 000000007fff0000-ffffffffc051ffff 0x0001/0x0000 0x0000000
5184fc.22ec: *000000013fac0000-000000013fabefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
5194fc.22ec: 000000013fac1000-000000013fa3cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
5204fc.22ec: 000000013fb45000-000000013fb43fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
5214fc.22ec: 000000013fb46000-000000013fb08fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
5224fc.22ec: 000000013fb83000-000000013fb78fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
5234fc.22ec: 000000013fb8d000-000000013fb53fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
5244fc.22ec: 000000013fbc6000-fffff8037fbabfff 0x0001/0x0000 0x0000000
5254fc.22ec: *000007feffbe0000-000007feffbdefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
5264fc.22ec: 000007feffbe1000-000007fdff811fff 0x0001/0x0000 0x0000000
5274fc.22ec: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
5284fc.22ec: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
5294fc.22ec: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
5304fc.22ec: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
5314fc.22ec: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
5324fc.22ec: supR3HardNtChildPurify: Done after 1080 ms and 1 fixes (loop #1).
5334fc.22ec: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002c0000 LB 0x400000)
5344fc.22ec: supR3HardNtEnableThreadCreation:
5351398.11c4: Log file opened: 4.3.18r96516 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
5361398.11c4: supR3HardenedVmProcessInit: uNtDllAddr=00000000778c0000
5371398.11c4: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
5381398.11c4: New simple heap: #1 0000000000260000 LB 0x400000 (for 1740800 allocation)
5391398.11c4: System32: \Device\HarddiskVolume2\Windows\System32
5401398.11c4: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
5411398.11c4: KnownDllPath: C:\WINDOWS\system32
5421398.11c4: supR3HardenedVmProcessInit: Opening vboxdrv...
5431398.11c4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
5441398.11c4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
5451398.11c4: Registered Dll notification callback with NTDLL.
5461398.11c4: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\WINDOWS\system32\kernel32.dll' [rcNt=0xc0150008]
5471398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
5481398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
5491398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
5501398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5511398.11c4: supR3HardenedDllNotificationCallback: load 00000000777a0000 LB 0x0011f000 C:\WINDOWS\system32\kernel32.dll [fFlags=0x0]
5521398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5531398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd990000 LB 0x0006c000 C:\WINDOWS\system32\KERNELBASE.dll [fFlags=0x0]
5541398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
5551398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
5561398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000777a0000 'C:\WINDOWS\system32\kernel32.dll'
5571398.11c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ec340 pvNtTerminateThread=00000000779117e0
5584fc.22ec: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 70 ms.
5591398.11c4: \SystemRoot\System32\ntdll.dll:
5601398.11c4: CreationTime: 2013-11-03T11:01:59.244738900Z
5611398.11c4: LastWriteTime: 2013-11-03T11:01:59.245738400Z
5621398.11c4: ChangeTime: 2014-08-29T00:39:59.836030300Z
5631398.11c4: FileAttributes: 0x20
5641398.11c4: Size: 0x1a6dc0
5651398.11c4: NT Headers: 0xe0
5661398.11c4: Timestamp: 0x521eaf24
5671398.11c4: Machine: 0x8664 - amd64
5681398.11c4: Timestamp: 0x521eaf24
5691398.11c4: Image Version: 6.1
5701398.11c4: SizeOfImage: 0x1a9000 (1740800)
5711398.11c4: Resource Dir: 0x151000 LB 0x560d8
5721398.11c4: ProductName: Microsoft® Windows® Operating System
5731398.11c4: ProductVersion: 6.1.7601.18247
5741398.11c4: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
5751398.11c4: FileDescription: NT Layer DLL
5761398.11c4: \SystemRoot\System32\kernel32.dll:
5771398.11c4: CreationTime: 2014-07-10T06:14:03.134341500Z
5781398.11c4: LastWriteTime: 2014-07-10T06:14:03.136351000Z
5791398.11c4: ChangeTime: 2014-08-29T00:41:06.912595100Z
5801398.11c4: FileAttributes: 0x20
5811398.11c4: Size: 0x11c000
5821398.11c4: NT Headers: 0xe8
5831398.11c4: Timestamp: 0x5315a059
5841398.11c4: Machine: 0x8664 - amd64
5851398.11c4: Timestamp: 0x5315a059
5861398.11c4: Image Version: 6.1
5871398.11c4: SizeOfImage: 0x11f000 (1175552)
5881398.11c4: Resource Dir: 0x116000 LB 0x528
5891398.11c4: ProductName: Microsoft® Windows® Operating System
5901398.11c4: ProductVersion: 6.1.7601.18409
5911398.11c4: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
5921398.11c4: FileDescription: Windows NT BASE API Client DLL
5931398.11c4: \SystemRoot\System32\KernelBase.dll:
5941398.11c4: CreationTime: 2014-07-10T06:20:11.693506000Z
5951398.11c4: LastWriteTime: 2014-07-10T06:20:11.695512700Z
5961398.11c4: ChangeTime: 2014-08-29T00:41:06.928219900Z
5971398.11c4: FileAttributes: 0x20
5981398.11c4: Size: 0x67c00
5991398.11c4: NT Headers: 0xe8
6001398.11c4: Timestamp: 0x5315a05a
6011398.11c4: Machine: 0x8664 - amd64
6021398.11c4: Timestamp: 0x5315a05a
6031398.11c4: Image Version: 6.1
6041398.11c4: SizeOfImage: 0x6c000 (442368)
6051398.11c4: Resource Dir: 0x6a000 LB 0x530
6061398.11c4: ProductName: Microsoft® Windows® Operating System
6071398.11c4: ProductVersion: 6.1.7601.18409
6081398.11c4: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
6091398.11c4: FileDescription: Windows NT BASE API Client DLL
6101398.11c4: \SystemRoot\System32\apisetschema.dll:
6111398.11c4: CreationTime: 2013-10-15T05:09:13.656534900Z
6121398.11c4: LastWriteTime: 2013-10-15T05:09:13.657535900Z
6131398.11c4: ChangeTime: 2014-08-29T00:39:54.393257000Z
6141398.11c4: FileAttributes: 0x20
6151398.11c4: Size: 0x1a00
6161398.11c4: NT Headers: 0xc0
6171398.11c4: Timestamp: 0x51fb15ca
6181398.11c4: Machine: 0x8664 - amd64
6191398.11c4: Timestamp: 0x51fb15ca
6201398.11c4: Image Version: 6.1
6211398.11c4: SizeOfImage: 0x50000 (327680)
6221398.11c4: Resource Dir: 0x30000 LB 0x3f8
6231398.11c4: ProductName: Microsoft® Windows® Operating System
6241398.11c4: ProductVersion: 6.1.7601.18229
6251398.11c4: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
6261398.11c4: FileDescription: ApiSet Schema DLL
6271398.11c4: Found driver SymNetS (0x2)
6281398.11c4: Found driver SymDS (0x2)
6291398.11c4: Found driver SRTSPX (0x2)
6301398.11c4: Found driver SymEvent (0x2)
6311398.11c4: Found driver SymIRON (0x2)
6321398.11c4: supR3HardenedWinFindAdversaries: 0x2
6331398.11c4: \SystemRoot\System32\drivers\SysPlant.sys:
6341398.11c4: CreationTime: 2014-08-29T01:01:43.659507100Z
6351398.11c4: LastWriteTime: 2014-09-02T16:54:35.552810700Z
6361398.11c4: ChangeTime: 2014-09-02T16:54:35.552810700Z
6371398.11c4: FileAttributes: 0x20
6381398.11c4: Size: 0x25d18
6391398.11c4: NT Headers: 0xf8
6401398.11c4: Timestamp: 0x509521f1
6411398.11c4: Machine: 0x8664 - amd64
6421398.11c4: Timestamp: 0x509521f1
6431398.11c4: Image Version: 5.0
6441398.11c4: SizeOfImage: 0x2d000 (184320)
6451398.11c4: Resource Dir: 0x2b000 LB 0x498
6461398.11c4: ProductName: Symantec CMC Firewall
6471398.11c4: ProductVersion: 12.1.2015.2015
6481398.11c4: FileVersion: 12.1.2015.2015
6491398.11c4: FileDescription: Symantec CMC Firewall SysPlant
6501398.11c4: \SystemRoot\System32\sysfer.dll:
6511398.11c4: CreationTime: 2014-08-29T01:01:43.659507100Z
6521398.11c4: LastWriteTime: 2014-09-02T16:54:35.552810700Z
6531398.11c4: ChangeTime: 2014-09-02T16:54:35.552810700Z
6541398.11c4: FileAttributes: 0x20
6551398.11c4: Size: 0x6ffd0
6561398.11c4: NT Headers: 0xe8
6571398.11c4: Timestamp: 0x5095227d
6581398.11c4: Machine: 0x8664 - amd64
6591398.11c4: Timestamp: 0x5095227d
6601398.11c4: Image Version: 0.0
6611398.11c4: SizeOfImage: 0x87000 (552960)
6621398.11c4: Resource Dir: 0x85000 LB 0x630
6631398.11c4: ProductName: Symantec CMC Firewall
6641398.11c4: ProductVersion: 12.1.2015.2015
6651398.11c4: FileVersion: 12.1.2015.2015
6661398.11c4: FileDescription: Symantec CMC Firewall sysfer
6671398.11c4: \SystemRoot\System32\sysferThunk.dll:
6681398.11c4: CreationTime: 2014-08-29T01:01:43.659507100Z
6691398.11c4: LastWriteTime: 2014-09-02T16:54:35.552810700Z
6701398.11c4: ChangeTime: 2014-09-02T16:54:35.552810700Z
6711398.11c4: FileAttributes: 0x20
6721398.11c4: Size: 0x2dd0
6731398.11c4: NT Headers: 0xd0
6741398.11c4: Timestamp: 0x5095227e
6751398.11c4: Machine: 0x8664 - amd64
6761398.11c4: Timestamp: 0x5095227e
6771398.11c4: Image Version: 0.0
6781398.11c4: SizeOfImage: 0x8000 (32768)
6791398.11c4: Resource Dir: 0x6000 LB 0x648
6801398.11c4: ProductName: Symantec CMC Firewall
6811398.11c4: ProductVersion: 12.1.2015.2015
6821398.11c4: FileVersion: 12.1.2015.2015
6831398.11c4: FileDescription: Symantec CMC Firewall SysferThunk
6841398.11c4: \SystemRoot\System32\drivers\symevent64x86.sys:
6851398.11c4: CreationTime: 2014-08-29T01:01:56.670324100Z
6861398.11c4: LastWriteTime: 2014-09-02T16:54:02.671596400Z
6871398.11c4: ChangeTime: 2014-09-02T16:54:02.671596400Z
6881398.11c4: FileAttributes: 0x20
6891398.11c4: Size: 0x2b4a0
6901398.11c4: NT Headers: 0xe8
6911398.11c4: Timestamp: 0x50346f1e
6921398.11c4: Machine: 0x8664 - amd64
6931398.11c4: Timestamp: 0x50346f1e
6941398.11c4: Image Version: 6.0
6951398.11c4: SizeOfImage: 0x38000 (229376)
6961398.11c4: Resource Dir: 0x36000 LB 0x3c8
6971398.11c4: ProductName: SYMEVENT
6981398.11c4: ProductVersion: 12.9.3.1
6991398.11c4: FileVersion: 12.9.3.1
7001398.11c4: FileDescription: Symantec Event Library
7011398.11c4: Calling main()
7021398.11c4: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
7031398.11c4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
7041398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
7051398.11c4: SUPR3HardenedMain: Final process, opening VBoxDrv...
7061398.11c4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000260000 LB 0x400000)
7071398.11c4: supR3HardNtEnableThreadCreation:
7081398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
7091398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
7101398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000674900:C:\WINDOWS\system32 [calling]
7111398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7121398.11c4: supR3HardenedDllNotificationCallback: load 000007fef4a60000 LB 0x00004000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
7131398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7141398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7151398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
7161398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4a60000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
7171398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
7181398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
7191398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4a60000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
7201398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4a60000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
7211398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7221398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
7231398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
7241398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
7251398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
7261398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
7271398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7281398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7291398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
7301398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
7311398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
7321398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
7331398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
7341398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
7351398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7361398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7371398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7381398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
7391398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
7401398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
7411398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7421398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7431398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
7441398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
7451398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
7461398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
7471398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
7481398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7491398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7501398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7511398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=0000000000674900:C:\WINDOWS\system32 [calling]
7521398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7531398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd910000 LB 0x0003a000 C:\WINDOWS\system32\Wintrust.dll [fFlags=0x0]
7541398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7551398.11c4: supR3HardenedDllNotificationCallback: load 000007fefdca0000 LB 0x0009f000 C:\WINDOWS\system32\msvcrt.dll [fFlags=0x0]
7561398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7571398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd790000 LB 0x0016c000 C:\WINDOWS\system32\CRYPT32.dll [fFlags=0x0]
7581398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7591398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd700000 LB 0x0000f000 C:\WINDOWS\system32\MSASN1.dll [fFlags=0x0]
7601398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
7611398.11c4: supR3HardenedDllNotificationCallback: load 000007fefedf0000 LB 0x0012d000 C:\WINDOWS\system32\RPCRT4.dll [fFlags=0x0]
7621398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7631398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd910000 'C:\WINDOWS\system32\Wintrust.dll'
7641398.11c4: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\WINDOWS\system32\CRYPTSP.dll' [rcNt=0xc0150008]
7651398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
7661398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
7671398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
7681398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
7691398.11c4: supR3HardenedDllNotificationCallback: load 000007fefcfc0000 LB 0x00017000 C:\WINDOWS\system32\CRYPTSP.dll [fFlags=0x0]
7701398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
7711398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfc0000 'C:\WINDOWS\system32\CRYPTSP.dll'
7721398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7731398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
7741398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
7751398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7761398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7771398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7781398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
7791398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7801398.11c4: supR3HardenedDllNotificationCallback: load 000007fefcbb0000 LB 0x00047000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
7811398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7821398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbb0000 'C:\WINDOWS\system32\rsaenh.dll'
7831398.11c4: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\WINDOWS\system32\ADVAPI32.dll' [rcNt=0xc0150008]
7841398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7851398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
7861398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
7871398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
7881398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7891398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7901398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7911398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7921398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7931398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7941398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
7951398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7961398.11c4: supR3HardenedDllNotificationCallback: load 000007fefde10000 LB 0x000db000 C:\WINDOWS\system32\ADVAPI32.dll [fFlags=0x0]
7971398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7981398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
7991398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
8001398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
8011398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
8021398.11c4: supR3HardenedDllNotificationCallback: load 000007feff8b0000 LB 0x0001f000 C:\WINDOWS\SYSTEM32\sechost.dll [fFlags=0x0]
8031398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
8041398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde10000 'C:\WINDOWS\system32\ADVAPI32.dll'
8051398.11c4: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\WINDOWS\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
8061398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
8071398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
8081398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8091398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8101398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8111398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8121398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8131398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8141398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8151398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
8161398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd560000 LB 0x0000f000 C:\WINDOWS\system32\CRYPTBASE.dll [fFlags=0x0]
8171398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
8181398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd560000 'C:\WINDOWS\system32\CRYPTBASE.dll'
8191398.11c4: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\WINDOWS\system32\kernel32.dll' [rcNt=0xc0150008]
8201398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
8211398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8221398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000777a0000 'C:\WINDOWS\system32\kernel32.dll'
8231398.11c4: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\WINDOWS\system32\WINTRUST.DLL' [rcNt=0xc0150008]
8241398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8251398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8261398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd910000 'C:\WINDOWS\system32\WINTRUST.DLL'
8271398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8281398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8291398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd790000 'C:\WINDOWS\system32\CRYPT32.dll'
8301398.11c4: supR3HardenedMonitor_LdrLoadDll: 'imagehlp.dll' -> 'C:\WINDOWS\system32\imagehlp.dll' [rcNt=0xc0150008]
8311398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8321398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
8331398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
8341398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
8351398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8361398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
8371398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8381398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8391398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8401398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8411398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\imagehlp.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8421398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
8431398.11c4: supR3HardenedDllNotificationCallback: load 000007fefef20000 LB 0x00019000 C:\WINDOWS\system32\imagehlp.dll [fFlags=0x0]
8441398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
8451398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef20000 'C:\WINDOWS\system32\imagehlp.dll'
8461398.11c4: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\WINDOWS\system32\CRYPTSP.dll' [rcNt=0xc0150008]
8471398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
8481398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8491398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfc0000 'C:\WINDOWS\system32\CRYPTSP.dll'
8501398.11c4: supR3HardenedMonitor_LdrLoadDll: 'USER32.dll' -> 'C:\WINDOWS\system32\USER32.dll' [rcNt=0xc0150008]
8511398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
8521398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
8531398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
8541398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8551398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8561398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
8571398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
8581398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
8591398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
8601398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
8611398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
8621398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
8631398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
8641398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
8651398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
8661398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
8671398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8681398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8691398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
8701398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
8711398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
8721398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8731398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
8741398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
8751398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
8761398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
8771398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8781398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8791398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
8801398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8811398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8821398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8831398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8841398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8851398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8861398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8871398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8881398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
8891398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8901398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8911398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8921398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\USER32.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
8931398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
8941398.11c4: supR3HardenedDllNotificationCallback: load 00000000776a0000 LB 0x000fa000 C:\WINDOWS\system32\USER32.dll [fFlags=0x0]
8951398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
8961398.11c4: supR3HardenedDllNotificationCallback: load 000007fefdb90000 LB 0x00067000 C:\WINDOWS\system32\GDI32.dll [fFlags=0x0]
8971398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8981398.11c4: supR3HardenedDllNotificationCallback: load 000007fefef40000 LB 0x0000e000 C:\WINDOWS\system32\LPK.dll [fFlags=0x0]
8991398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
9001398.11c4: supR3HardenedDllNotificationCallback: load 000007feff700000 LB 0x000c9000 C:\WINDOWS\system32\USP10.dll [fFlags=0x0]
9011398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
9021398.11c4: supR3HardenedMonitor_LdrLoadDll: 'gdi32.dll' -> 'C:\WINDOWS\system32\gdi32.dll' [rcNt=0xc0150008]
9031398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9041398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\gdi32.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
9051398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb90000 'C:\WINDOWS\system32\gdi32.dll'
9061398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
9071398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
9081398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
9091398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
9101398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
9111398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
9121398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
9131398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9141398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
9151398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
9161398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
9171398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
9181398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
9191398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9201398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9211398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9221398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9231398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9241398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
9251398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
9261398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
9271398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
9281398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9291398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9301398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9311398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9321398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9331398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
9341398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9351398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9361398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9371398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
9381398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
9391398.11c4: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x0002e000 C:\WINDOWS\system32\IMM32.DLL [fFlags=0x0]
9401398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
9411398.11c4: supR3HardenedDllNotificationCallback: load 000007feff360000 LB 0x00109000 C:\WINDOWS\system32\MSCTF.dll [fFlags=0x0]
9421398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
9431398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb60000 'C:\WINDOWS\system32\IMM32.DLL'
9441398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000776a0000 'C:\WINDOWS\system32\USER32.dll'
9451398.11c4: supR3HardenedMonitor_LdrLoadDll: 'ncrypt.dll' -> 'C:\WINDOWS\system32\ncrypt.dll' [rcNt=0xc0150008]
9461398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
9471398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
9481398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
9491398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
9501398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
9511398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
9521398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
9531398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
9541398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9551398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9561398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9571398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
9581398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
9591398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
9601398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
9611398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ncrypt.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
9621398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
9631398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd070000 LB 0x0004d000 C:\WINDOWS\system32\ncrypt.dll [fFlags=0x0]
9641398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
9651398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
9661398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd040000 LB 0x00022000 C:\WINDOWS\system32\bcrypt.dll [fFlags=0x0]
9671398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
9681398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd070000 'C:\WINDOWS\system32\ncrypt.dll'
9691398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
9701398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
9711398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
9721398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
9731398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
9741398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
9751398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
9761398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9771398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
9781398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9791398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
9801398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
9811398.11c4: supR3HardenedDllNotificationCallback: load 000007fefcb10000 LB 0x0004c000 C:\WINDOWS\system32\bcryptprimitives.dll [fFlags=0x0]
9821398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
9831398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb10000 'C:\WINDOWS\system32\bcryptprimitives.dll'
9841398.11c4: supR3HardenedMonitor_LdrLoadDll: 'bcrypt.dll' -> 'C:\WINDOWS\system32\bcrypt.dll' [rcNt=0xc0150008]
9851398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
9861398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
9871398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd040000 'C:\WINDOWS\system32\bcrypt.dll'
9881398.11c4: supR3HardenedMonitor_LdrLoadDll: 'USERENV.dll' -> 'C:\WINDOWS\system32\USERENV.dll' [rcNt=0xc0150008]
9891398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9901398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
9911398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
9921398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
9931398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
9941398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
9951398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
9961398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9971398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
9981398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
9991398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10001398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10011398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10021398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10031398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10041398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10051398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10061398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10071398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10081398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\USERENV.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10091398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
10101398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd730000 LB 0x0001e000 C:\WINDOWS\system32\USERENV.dll [fFlags=0x0]
10111398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
10121398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd710000 LB 0x0000f000 C:\WINDOWS\system32\profapi.dll [fFlags=0x0]
10131398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
10141398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd730000 'C:\WINDOWS\system32\USERENV.dll'
10151398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10161398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
10171398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10181398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
10191398.11c4: supR3HardenedMonitor_LdrLoadDll: 'GPAPI.dll' -> 'C:\WINDOWS\system32\GPAPI.dll' [rcNt=0xc0150008]
10201398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10211398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
10221398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
10231398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
10241398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10251398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10261398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10271398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10281398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10291398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10301398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\GPAPI.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10311398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
10321398.11c4: supR3HardenedDllNotificationCallback: load 000007fefc9b0000 LB 0x0001b000 C:\WINDOWS\system32\GPAPI.dll [fFlags=0x0]
10331398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
10341398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc9b0000 'C:\WINDOWS\system32\GPAPI.dll'
10351398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10361398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
10371398.11c4: supR3HardenedMonitor_LdrLoadDll: 'rpcrt4.dll' -> 'C:\WINDOWS\system32\rpcrt4.dll' [rcNt=0xc0150008]
10381398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10391398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rpcrt4.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10401398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedf0000 'C:\WINDOWS\system32\rpcrt4.dll'
10411398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10421398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
10431398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10441398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
10451398.11c4: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\WINDOWS\system32\cryptnet.dll' [rcNt=0xc0150008]
10461398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10471398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
10481398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
10491398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
10501398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
10511398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
10521398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
10531398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
10541398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10551398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
10561398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
10571398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
10581398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
10591398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
10601398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10611398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10621398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
10631398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10641398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10651398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10661398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10671398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10681398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10691398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10701398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10711398.11c4: supR3HardenedDllNotificationCallback: load 000007fef2c00000 LB 0x00027000 C:\WINDOWS\system32\cryptnet.dll [fFlags=0x0]
10721398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10731398.11c4: supR3HardenedDllNotificationCallback: load 000007feffb70000 LB 0x00052000 C:\WINDOWS\system32\WLDAP32.dll [fFlags=0x0]
10741398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
10751398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10761398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10771398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10781398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10791398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10801398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10811398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10821398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10831398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10841398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10851398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10861398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10871398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10881398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10891398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10901398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10911398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10921398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10931398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10941398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10951398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10961398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10971398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
10981398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
10991398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11001398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11011398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
11021398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11031398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11041398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
11051398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11061398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11071398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
11081398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
11091398.11c4: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\WINDOWS\system32\cryptnet.dll' [rcNt=0xc0150008]
11101398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11111398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11121398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c00000 'C:\WINDOWS\system32\cryptnet.dll'
11131398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11141398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
11151398.11c4: supR3HardenedMonitor_LdrLoadDll: 'profapi.dll' -> 'C:\WINDOWS\system32\profapi.dll' [rcNt=0xc0150008]
11161398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
11171398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\profapi.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11181398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd710000 'C:\WINDOWS\system32\profapi.dll'
11191398.11c4: supR3HardenedMonitor_LdrLoadDll: 'SHLWAPI.dll' -> 'C:\WINDOWS\system32\SHLWAPI.dll' [rcNt=0xc0150008]
11201398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
11211398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11221398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
11231398.11c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
11241398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
11251398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11261398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11271398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11281398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11291398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11301398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
11311398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11321398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11331398.11c4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11341398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHLWAPI.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11351398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
11361398.11c4: supR3HardenedDllNotificationCallback: load 000007fefdd40000 LB 0x00071000 C:\WINDOWS\system32\SHLWAPI.dll [fFlags=0x0]
11371398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
11381398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd40000 'C:\WINDOWS\system32\SHLWAPI.dll'
11391398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
11401398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000006b61f0
11411398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11421398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
11431398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11441398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
11451398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11461398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
11471398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11481398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
11491398.11c4: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\WINDOWS\system32\ADVAPI32.dll' [rcNt=0xc0150008]
11501398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
11511398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11521398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde10000 'C:\WINDOWS\system32\ADVAPI32.dll'
11531398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11541398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
11551398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
11561398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8b0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
11571398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
11581398.11c4: g_pfnWinVerifyTrust=000007fefd911010
11591398.11c4: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
11601398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
11611398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
11621398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11631398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CF258E1DA85AD69891395F6F7501E1D54F2DFED8
11641398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB2868626~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
11651398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11661398.11c4: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
11671398.11c4: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
11681398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
11691398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
11701398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11711398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
11721398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB2862966~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
11731398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11741398.11c4: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
11751398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000394 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
11761398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
11771398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11781398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
11791398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
11801398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11811398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
11821398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
11831398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
11841398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11851398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
11861398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
11871398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11881398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
11891398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
11901398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
11911398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11921398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
11931398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB2862966~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
11941398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11951398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
11961398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000260 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
11971398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
11981398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
11991398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
12001398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
12011398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12021398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
12031398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
12041398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12051398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12061398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
12071398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
12081398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12091398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
12101398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
12111398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12121398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12131398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
12141398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
12151398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12161398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
12171398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
12181398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
12191398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12201398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12211398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
12221398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
12231398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12241398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
12251398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
12261398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12271398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12281398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=79EA9CBEF21789D2261F797DD2A1624A054306AB
12291398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB2973337~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
12301398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12311398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
12321398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
12331398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12341398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12351398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
12361398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
12371398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12381398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
12391398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
12401398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12411398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12421398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
12431398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
12441398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12451398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
12461398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
12471398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12481398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12491398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
12501398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
12511398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12521398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
12531398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
12541398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12551398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12561398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
12571398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
12581398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12591398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
12601398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
12611398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12621398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12631398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
12641398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2993651~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
12651398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12661398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
12671398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
12681398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12691398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12701398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
12711398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
12721398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12731398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
12741398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
12751398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12761398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12771398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
12781398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
12791398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12801398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
12811398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000124 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
12821398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12831398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12841398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
12851398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
12861398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12871398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
12881398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000118 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
12891398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12901398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12911398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
12921398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
12931398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12941398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
12951398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000010c pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
12961398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
12971398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
12981398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
12991398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
13001398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13011398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
13021398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
13031398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
13041398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
13051398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
13061398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
13071398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
13081398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13091398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
13101398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e8 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
13111398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
13121398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
13131398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
13141398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
13151398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13161398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
13171398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
13181398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
13191398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
13201398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
13211398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
13221398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13231398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
13241398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
13251398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
13261398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
13271398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
13281398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2978668~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
13291398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13301398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
13311398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
13321398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
13331398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
13341398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
13351398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
13361398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB2871997~31bf3856ad364e35~amd64~~6.1.2.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
13371398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13381398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
13391398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
13401398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
13411398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
13421398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
13431398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB2871997~31bf3856ad364e35~amd64~~6.1.2.5.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
13441398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13451398.11c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
13461398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
13471398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=00000000007695b0:C:\WINDOWS\system32 [calling]
13481398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd790000 'C:\WINDOWS\system32\crypt32.dll'
13491398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
13501398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
13511398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
13521398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
13531398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xb092d1b715a2cb00 DC=com, DC=dreamworks, DC=win, CN=win-DREAMWORKS-CorpCA
13541398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
13551398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
13561398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
13571398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
13581398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x91e3728b8b40d000 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority
13591398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
13601398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
13611398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
13621398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
13631398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
13641398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
13651398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
13661398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
13671398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
13681398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
13691398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
13701398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
13711398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
13721398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
13731398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
13741398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
13751398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
13761398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
13771398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
13781398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
13791398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
13801398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x20b7075b3689b600 C=IL, O=StartCom Ltd., CN=StartCom Certification Authority G2
13811398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
13821398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
13831398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
13841398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
13851398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
13861398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
13871398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
13881398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x8c7a0dad62269806 C=US, ST=California, L=Glendale, O=DreamWorks Animation, OU=Animation Technology, CN=www.dreamworksanimation.com, Email=wheel@dreamworksanimation.com
13891398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0x69a1b6ba07a3c000 ST=California, L=Glendale, O=DreamWorks Animation SKG Inc., OU=Information Technology, CN=Information Security, Email=infosec@dreamworks.com
13901398.11c4: supR3HardenedWinIsDesiredRootCA: Adding 0xb092d1b715a2cb00 DC=com, DC=dreamworks, DC=win, CN=win-DREAMWORKS-CorpCA
13911398.11c4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=42
13921398.11c4: SUPR3HardenedMain: Load Runtime...
13931398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
13941398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
13951398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
13961398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
13971398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
13981398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
13991398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14001398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14011398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
14021398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14031398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14041398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000430 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
14051398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
14061398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
14071398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
14081398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
14091398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14101398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14111398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
14121398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
14131398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)WinVerifyTrust
14141398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
14151398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14161398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14171398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
14181398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
14191398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14201398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14211398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14221398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
14231398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14241398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14251398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14261398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14271398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
14281398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
14291398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000448 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
14301398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
14311398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
14321398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
14331398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
14341398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14351398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)WinVerifyTrust
14361398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
14371398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14381398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14391398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
14401398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14411398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14421398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
14431398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000006eaff0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
14441398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14451398.11c4: supR3HardenedDllNotificationCallback: load 000007fedb050000 LB 0x0052f000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
14461398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14471398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14481398.11c4: supR3HardenedDllNotificationCallback: load 000000005bd00000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
14491398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14501398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14511398.11c4: supR3HardenedDllNotificationCallback: load 0000000057750000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
14521398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14531398.11c4: supR3HardenedDllNotificationCallback: load 000007fefddc0000 LB 0x0004d000 C:\WINDOWS\system32\WS2_32.dll [fFlags=0x0]
14541398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
14551398.11c4: supR3HardenedDllNotificationCallback: load 000007feff8d0000 LB 0x00008000 C:\WINDOWS\system32\NSI.dll [fFlags=0x0]
14561398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
14571398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14581398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14591398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14601398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14611398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14621398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14631398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14641398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14651398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14661398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14671398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14681398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14691398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14701398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14711398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14721398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14731398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14741398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14751398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14761398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14771398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14781398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14791398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14801398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14811398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14821398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14831398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14841398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14851398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14861398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14871398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14881398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14891398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14901398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14911398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14921398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14931398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14941398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14951398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14961398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14971398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
14981398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14991398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15001398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15011398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15021398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15031398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15041398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15051398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15061398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15071398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15081398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15091398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15101398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15111398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15121398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15131398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15141398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15151398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15161398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15171398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15181398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15191398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15201398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15211398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15221398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15231398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15241398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15251398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15261398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15271398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15281398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15291398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15301398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15311398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15321398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15331398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15341398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15351398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15361398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15371398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15381398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15391398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15401398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15411398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15421398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15431398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15441398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15451398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15461398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15471398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15481398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15491398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15501398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15511398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=0000000000675360:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32;C:\WINDOWS\system;C:\WINDOWS;.;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Dell\Dell Data Protection\Encryption\;C:\HashiCorp\Vagrant\bin;C:\HashiCorp\Packer\0.7.1;c:\Program Files (x86)\git\bin;c:\go\bin [calling]
15521398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15531398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedb050000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15541398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
15551398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=000000000076fb50:C:\WINDOWS\system32 [calling]
15561398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd910000 'C:\WINDOWS\system32\Wintrust.dll'
15571398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
15581398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=000000000076fb50:C:\WINDOWS\system32 [calling]
15591398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd790000 'C:\WINDOWS\system32\crypt32.dll'
15601398.11c4: SUPR3HardenedMain: Load TrustedMain...
15611398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
15621398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15631398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
15641398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
15651398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxrt.dll'.
15661398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
15671398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
15681398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.dll)WinVerifyTrust
15691398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.dll
15701398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15711398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15721398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
15731398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15741398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15751398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
15761398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15771398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15781398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
15791398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
15801398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
15811398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000488 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
15821398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
15831398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
15841398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1D7CC9111C6B5A59641FA11BE0A6A1841FEBBCD
15851398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2564958~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
15861398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15871398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
15881398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
15891398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
15901398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
15911398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
15921398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)WinVerifyTrust
15931398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
15941398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15951398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15961398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
15971398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
15981398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
15991398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
16001398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
16011398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16021398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16031398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
16041398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
16051398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
16061398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)WinVerifyTrust
16071398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
16081398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16091398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16101398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16111398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16121398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16131398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
16141398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16151398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16161398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
16171398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16181398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16191398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16201398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16211398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16221398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16231398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16241398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16251398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16261398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16271398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16281398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16291398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16301398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16311398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16321398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16331398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16341398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
16351398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16361398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16371398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16381398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16391398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16401398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
16411398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll *pfFlags=0x0 pwszSearchPath=00000000006eaff0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
16421398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.dll
16431398.11c4: supR3HardenedDllNotificationCallback: load 000007fef4a70000 LB 0x00058000 C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll [fFlags=0x0]
16441398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxHeadless.dll
16451398.11c4: supR3HardenedDllNotificationCallback: load 000007feff8e0000 LB 0x00203000 C:\WINDOWS\system32\ole32.dll [fFlags=0x0]
16461398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
16471398.11c4: supR3HardenedDllNotificationCallback: load 000007feff7d0000 LB 0x000d7000 C:\WINDOWS\system32\OLEAUT32.dll [fFlags=0x0]
16481398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
16491398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4a70000 'C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll'
16501398.11c4: SUPR3HardenedMain: Calling TrustedMain (000007fef4a7afe0)...
16511398.11c4: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\WINDOWS\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
16521398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
16531398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=00000000006eaff0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
16541398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd560000 'C:\WINDOWS\system32\CRYPTBASE.dll'
16551398.11c4: supR3HardenedMonitor_LdrLoadDll: 'CLBCatQ.DLL' -> 'C:\WINDOWS\system32\CLBCatQ.DLL' [rcNt=0xc0150008]
16561398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c0 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
16571398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
16581398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
16591398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
16601398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
16611398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16621398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16631398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
16641398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
16651398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
16661398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
16671398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
16681398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)WinVerifyTrust
16691398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
16701398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16711398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16721398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
16731398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16741398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16751398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
16761398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16771398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16781398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
16791398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16801398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16811398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16821398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16831398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16841398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
16851398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16861398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16871398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16881398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CLBCatQ.DLL *pfFlags=0x0 pwszSearchPath=00000000006eaff0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
16891398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
16901398.11c4: supR3HardenedDllNotificationCallback: load 000007fefdac0000 LB 0x00099000 C:\WINDOWS\system32\CLBCatQ.DLL [fFlags=0x0]
16911398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
16921398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdac0000 'C:\WINDOWS\system32\CLBCatQ.DLL'
16931398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
16941398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
16951398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
16961398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
16971398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
16981398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
16991398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
17001398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
17011398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
17021398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17031398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17041398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
17051398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17061398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17071398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
17081398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
17091398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17101398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
17111398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17121398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17131398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
17141398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17151398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17161398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
17171398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17181398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17191398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
17201398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17211398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17221398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
17231398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll *pfFlags=0x0 pwszSearchPath=00000000007339f0:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17241398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
17251398.11c4: supR3HardenedDllNotificationCallback: load 000007fed9e70000 LB 0x004e7000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
17261398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
17271398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9e70000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
17281398.11c4: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\WINDOWS\system32\ADVAPI32.dll' [rcNt=0xc0150008]
17291398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
17301398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000006eb620:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17311398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde10000 'C:\WINDOWS\system32\ADVAPI32.dll'
17321398.11c4: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\WINDOWS\system32\CRYPTSP.dll' [rcNt=0xc0150008]
17331398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
17341398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000006eb3e0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17351398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcfc0000 'C:\WINDOWS\system32\CRYPTSP.dll'
17361398.11c4: supR3HardenedMonitor_LdrLoadDll: 'RpcRtRemote.dll' -> 'C:\WINDOWS\system32\RpcRtRemote.dll' [rcNt=0xc0150008]
17371398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f0 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
17381398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
17391398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
17401398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
17411398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
17421398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17431398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
17441398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll)WinVerifyTrust
17451398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
17461398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17471398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17481398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
17491398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\RpcRtRemote.dll *pfFlags=0x0 pwszSearchPath=00000000006eb3e0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17501398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
17511398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd650000 LB 0x00014000 C:\WINDOWS\system32\RpcRtRemote.dll [fFlags=0x0]
17521398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
17531398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd650000 'C:\WINDOWS\system32\RpcRtRemote.dll'
17541398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
17551398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll *pfFlags=0x0 pwszSearchPath=00000000009d2f20:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17561398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff7d0000 'C:\Windows\system32\oleaut32.dll'
17571398.11c4: supR3HardenedMonitor_LdrLoadDll: 'SXS.DLL' -> 'C:\WINDOWS\system32\SXS.DLL' [rcNt=0xc0150008]
17581398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000050c pwszName=\Device\HarddiskVolume2\Windows\System32\sxs.dll
17591398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
17601398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
17611398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
17621398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\sxs.dll'
17631398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17641398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sxs.dll)WinVerifyTrust
17651398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sxs.dll
17661398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SXS.DLL *pfFlags=0x0 pwszSearchPath=00000000006eb860:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17671398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
17681398.11c4: supR3HardenedDllNotificationCallback: load 000007fefd5b0000 LB 0x00091000 C:\WINDOWS\system32\SXS.DLL [fFlags=0x0]
17691398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
17701398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5b0000 'C:\WINDOWS\system32\SXS.DLL'
17711398.11c4: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\WINDOWS\system32\ADVAPI32.dll' [rcNt=0xc0150008]
17721398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
17731398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000006eb860:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17741398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefde10000 'C:\WINDOWS\system32\ADVAPI32.dll'
17751398.11c4: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32' -> 'C:\WINDOWS\system32\OLEAUT32.dll' [rcNt=0xc0150008]
17761398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
17771398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=00000000006eb860:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17781398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff7d0000 'C:\WINDOWS\system32\OLEAUT32.dll'
17791398.11c4: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\WINDOWS\system32\ole32.dll' [rcNt=0xc0150008]
17801398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
17811398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ole32.dll *pfFlags=0x0 pwszSearchPath=00000000006ebd70:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17821398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff8e0000 'C:\WINDOWS\system32\ole32.dll'
17831398.11c4: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\WINDOWS\system32\OLEAUT32.dll' [rcNt=0xc0150008]
17841398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
17851398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=00000000006ebd70:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
17861398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff7d0000 'C:\WINDOWS\system32\OLEAUT32.dll'
17871398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000610 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
17881398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
17891398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
17901398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
17911398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
17921398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17931398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17941398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
17951398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
17961398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
17971398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
17981398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
17991398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll)WinVerifyTrust
18001398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
18011398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18021398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18031398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
18041398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18051398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18061398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
18071398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
18081398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
18091398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
18101398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18111398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18121398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
18131398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
18141398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
18151398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000061c pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
18161398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
18171398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
18181398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
18191398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
18201398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18211398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18221398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
18231398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
18241398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
18251398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
18261398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll)WinVerifyTrust
18271398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
18281398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18291398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18301398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18311398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18321398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18331398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
18341398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18351398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18361398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18371398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18381398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18391398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
18401398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
18411398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
18421398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
18431398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18441398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18451398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18461398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll *pfFlags=0x0 pwszSearchPath=00000000007589e0:C:\WINDOWS\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
18471398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
18481398.11c4: supR3HardenedDllNotificationCallback: load 000007fef9f90000 LB 0x0000f000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
18491398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
18501398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
18511398.11c4: supR3HardenedDllNotificationCallback: load 000007fef9820000 LB 0x00086000 C:\WINDOWS\system32\wbemcomn.dll [fFlags=0x0]
18521398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
18531398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9f90000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
18541398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000644 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
18551398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
18561398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
18571398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
18581398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
18591398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18601398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18611398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
18621398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll)WinVerifyTrust
18631398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
18641398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18651398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18661398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
18671398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18681398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18691398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18701398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll *pfFlags=0x0 pwszSearchPath=00000000007596a0:C:\WINDOWS\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
18711398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
18721398.11c4: supR3HardenedDllNotificationCallback: load 000007fef1f20000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
18731398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
18741398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef1f20000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
18751398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000648 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
18761398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
18771398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
18781398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
18791398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
18801398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18811398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18821398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
18831398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
18841398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
18851398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
18861398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
18871398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll)WinVerifyTrust
18881398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
18891398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
18901398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
18911398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000628 pwszName=\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
18921398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
18931398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
18941398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
18951398.11c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
18961398.11c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18971398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18981398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
18991398.11c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
19001398.11c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll)WinVerifyTrust
19011398.11c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
19021398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19031398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
19041398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
19051398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19061398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19071398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19081398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19091398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19101398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19111398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
19121398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
19131398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
19141398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19151398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19161398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
19171398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
19181398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
19191398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
19201398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19211398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19221398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
19231398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19241398.11c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19251398.11c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
19261398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll *pfFlags=0x0 pwszSearchPath=00000000007589e0:C:\WINDOWS\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
19271398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
19281398.11c4: supR3HardenedDllNotificationCallback: load 000007fef2310000 LB 0x000e2000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
19291398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
19301398.11c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
19311398.11c4: supR3HardenedDllNotificationCallback: load 000007fef22e0000 LB 0x00027000 C:\WINDOWS\system32\NTDSAPI.dll [fFlags=0x0]
19321398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
19331398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2310000 'C:\WINDOWS\system32\wbem\fastprox.dll'
19341398.11c4: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\WINDOWS\system32\OLEAUT32.dll' [rcNt=0xc0150008]
19351398.11c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19361398.11c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=00000000006eb980:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
19371398.11c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff7d0000 'C:\WINDOWS\system32\OLEAUT32.dll'
19381398.1fb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19391398.1fb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
19401398.1fb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
19411398.1fb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
19421398.1fb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19431398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19441398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19451398.1fb8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
19461398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
19471398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
19481398.1fb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
19491398.1fb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
19501398.1fb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
19511398.1fb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
19521398.1fb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
19531398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19541398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19551398.1fb8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
19561398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19571398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19581398.1fb8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
19591398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
19601398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
19611398.1fb8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19621398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19631398.1fb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19641398.1fb8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
19651398.1fb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=00000000006ebce0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
19661398.1fb8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19671398.1fb8: supR3HardenedDllNotificationCallback: load 000007fedabe0000 LB 0x00260000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
19681398.1fb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19691398.1fb8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
19701398.1fb8: supR3HardenedDllNotificationCallback: load 000000006bd70000 LB 0x00109000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
19711398.1fb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
19721398.1fb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedabe0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
19731398.23d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19741398.23d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
19751398.23d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
19761398.23d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
19771398.23d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
19781398.23d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
19791398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19801398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19811398.23d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
19821398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19831398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19841398.23d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
19851398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
19861398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
19871398.23d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
19881398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19891398.23d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19901398.23d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
19911398.23d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL *pfFlags=0x0 pwszSearchPath=00000000006ebc50:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
19921398.23d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
19931398.23d8: supR3HardenedDllNotificationCallback: load 000007fef4a10000 LB 0x00009000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
19941398.23d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
19951398.23d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4a10000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
19961398.2198: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000734 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
19971398.2198: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
19981398.2198: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
19991398.2198: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
20001398.2198: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
20011398.2198: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20021398.2198: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20031398.2198: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
20041398.2198: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
20051398.2198: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)WinVerifyTrust
20061398.2198: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
20071398.2198: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20081398.2198: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
20091398.2198: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
20101398.2198: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20111398.2198: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20121398.2198: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
20131398.2198: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20141398.2198: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20151398.2198: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
20161398.2198: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000009d2f20:C:\WINDOWS\system32;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20171398.2198: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
20181398.2198: supR3HardenedDllNotificationCallback: load 000007fef9bd0000 LB 0x00056000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
20191398.2198: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
20201398.2198: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bd0000 'C:\WINDOWS\system32\uxtheme.dll'
20211398.2198: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
20221398.2198: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000009d2f20:C:\WINDOWS\system32;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20231398.2198: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bd0000 'C:\WINDOWS\system32\uxtheme.dll'
20241398.2198: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
20251398.2198: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000009d3ad0:C:\WINDOWS\system32;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20261398.2198: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bd0000 'C:\WINDOWS\system32\uxtheme.dll'
20271398.2198: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
20281398.2198: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000009d3ad0:C:\WINDOWS\system32;C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20291398.2198: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bd0000 'C:\WINDOWS\system32\uxtheme.dll'
20301398.21c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20311398.21c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
20321398.21c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
20331398.21c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
20341398.21c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20351398.21c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20361398.21c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20371398.21c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20381398.21c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20391398.21c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20401398.21c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20411398.21c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
20421398.21c8: supR3HardenedDllNotificationCallback: load 000007fef4a00000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
20431398.21c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
20441398.21c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4a00000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
20451398.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20461398.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
20471398.2064: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20481398.2064: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll)WinVerifyTrust
20491398.2064: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
20501398.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20511398.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20521398.2064: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20531398.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
20541398.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
20551398.2064: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
20561398.2064: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20571398.2064: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20581398.2064: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20591398.2064: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20601398.2064: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
20611398.2064: supR3HardenedDllNotificationCallback: load 000007fef49f0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
20621398.2064: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
20631398.2064: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef49f0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
20641398.1f3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20651398.1f3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
20661398.1f3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20671398.1f3c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll)WinVerifyTrust
20681398.1f3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
20691398.1f3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20701398.1f3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20711398.1f3c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20721398.1f3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
20731398.1f3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
20741398.1f3c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
20751398.1f3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20761398.1f3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20771398.1f3c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20781398.1f3c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
20791398.1f3c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
20801398.1f3c: supR3HardenedDllNotificationCallback: load 000007fef4950000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
20811398.1f3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
20821398.1f3c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4950000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
20831398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20841398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
20851398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20861398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
20871398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
20881398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
20891398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
20901398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
20911398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
20921398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
20931398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll)WinVerifyTrust
20941398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
20951398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
20961398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
20971398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000840 pwszName=\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
20981398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
20991398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
21001398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
21011398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL'
21021398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21031398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21041398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
21051398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
21061398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
21071398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL)WinVerifyTrust
21081398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
21091398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21101398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
21111398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
21121398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
21131398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
21141398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
21151398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
21161398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
21171398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000084c pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
21181398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
21191398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
21201398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
21211398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
21221398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21231398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
21241398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
21251398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
21261398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
21271398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
21281398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
21291398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
21301398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)WinVerifyTrust
21311398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
21321398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21331398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21341398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
21351398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
21361398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
21371398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
21381398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
21391398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
21401398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll)WinVerifyTrust
21411398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
21421398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
21431398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
21441398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
21451398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
21461398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
21471398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
21481398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
21491398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
21501398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll)WinVerifyTrust
21511398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
21521398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21531398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21541398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
21551398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
21561398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
21571398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21581398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21591398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21601398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
21611398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21621398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21631398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
21641398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
21651398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume2\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
21661398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000858 pwszName=\Device\HarddiskVolume2\Windows\System32\newdev.dll
21671398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
21681398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
21691398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
21701398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\newdev.dll'
21711398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21721398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21731398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
21741398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
21751398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
21761398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
21771398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
21781398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
21791398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\newdev.dll)WinVerifyTrust
21801398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\newdev.dll
21811398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
21821398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
21831398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
21841398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21851398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21861398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
21871398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21881398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21891398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
21901398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21911398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21921398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
21931398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
21941398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
21951398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
21961398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
21971398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
21981398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
21991398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22001398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22011398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22021398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
22031398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
22041398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000864 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
22051398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
22061398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
22071398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
22081398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
22091398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22101398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22111398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
22121398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)WinVerifyTrust
22131398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
22141398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
22151398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
22161398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
22171398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22181398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22191398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
22201398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22211398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22221398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
22231398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22241398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22251398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
22261398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22271398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22281398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22291398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
22301398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
22311398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000085c pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
22321398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
22331398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
22341398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
22351398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
22361398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22371398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22381398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
22391398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
22401398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)WinVerifyTrust
22411398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
22421398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22431398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22441398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
22451398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
22461398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
22471398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000083c pwszName=\Device\HarddiskVolume2\Windows\System32\winnsi.dll
22481398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
22491398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
22501398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
22511398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
22521398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22531398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22541398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
22551398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
22561398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll)WinVerifyTrust
22571398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
22581398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
22591398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
22601398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
22611398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22621398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22631398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22641398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
22651398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
22661398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
22671398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22681398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22691398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
22701398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22711398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22721398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22731398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22741398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22751398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
22761398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22771398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22781398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
22791398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22801398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22811398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22821398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
22831398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
22841398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
22851398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22861398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22871398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22881398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
22891398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
22901398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
22911398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
22921398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
22931398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
22941398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
22951398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume2\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
22961398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22971398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22981398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22991398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
23001398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23011398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23021398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
23031398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23041398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23051398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
23061398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23071398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23081398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
23091398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
23101398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
23111398.a20: supR3HardenedDllNotificationCallback: load 000007fed7490000 LB 0x008bb000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
23121398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
23131398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
23141398.a20: supR3HardenedDllNotificationCallback: load 000007fedecc0000 LB 0x0005f000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
23151398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
23161398.a20: supR3HardenedDllNotificationCallback: load 000007fefef50000 LB 0x001d7000 C:\WINDOWS\system32\SETUPAPI.dll [fFlags=0x0]
23171398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
23181398.a20: supR3HardenedDllNotificationCallback: load 000007fefd950000 LB 0x00036000 C:\WINDOWS\system32\CFGMGR32.dll [fFlags=0x0]
23191398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
23201398.a20: supR3HardenedDllNotificationCallback: load 000007fefd750000 LB 0x0001a000 C:\WINDOWS\system32\DEVOBJ.dll [fFlags=0x0]
23211398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
23221398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\newdev.dll
23231398.a20: supR3HardenedDllNotificationCallback: load 000007fee3a50000 LB 0x00051000 C:\WINDOWS\system32\newdev.dll [fFlags=0x0]
23241398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\newdev.dll
23251398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23261398.a20: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
23271398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
23281398.a20: supR3HardenedDllNotificationCallback: load 000007fefc9d0000 LB 0x00012000 C:\WINDOWS\system32\devrtl.DLL [fFlags=0x0]
23291398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
23301398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
23311398.a20: supR3HardenedDllNotificationCallback: load 000007fef45a0000 LB 0x00034000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
23321398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
23331398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
23341398.a20: supR3HardenedDllNotificationCallback: load 000007fefc8e0000 LB 0x00027000 C:\WINDOWS\system32\IPHLPAPI.DLL [fFlags=0x0]
23351398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
23361398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
23371398.a20: supR3HardenedDllNotificationCallback: load 000007fefc8d0000 LB 0x0000b000 C:\WINDOWS\system32\WINNSI.DLL [fFlags=0x0]
23381398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
23391398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed7490000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
23401398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000086c pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
23411398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
23421398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
23431398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
23441398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
23451398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23461398.a20: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
23471398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
23481398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23491398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23501398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
23511398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
23521398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
23531398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9e70000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
23541398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
23551398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
23561398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
23571398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45a0000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
23581398.330: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23591398.330: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
23601398.330: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23611398.330: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll)WinVerifyTrust
23621398.330: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
23631398.330: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23641398.330: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23651398.330: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23661398.330: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
23671398.330: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
23681398.330: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
23691398.330: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23701398.330: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23711398.330: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23721398.330: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
23731398.330: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
23741398.330: supR3HardenedDllNotificationCallback: load 000007fef4940000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
23751398.330: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
23761398.330: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4940000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
23771398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
23781398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32/Iphlpapi.dll *pfFlags=0x0 pwszSearchPath=0000000002acf2a0:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
23791398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
23801398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8e0000 'C:\WINDOWS\system32/Iphlpapi.dll'
23811398.a20: supR3HardenedMonitor_LdrLoadDll: 'dhcpcsvc6.DLL' -> 'C:\WINDOWS\system32\dhcpcsvc6.DLL' [rcNt=0xc0150008]
23821398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000954 pwszName=\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
23831398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
23841398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
23851398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A719769A21133C3F89F7BEA09AB706365F35DF8F
23861398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll'
23871398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23881398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23891398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
23901398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
23911398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll)WinVerifyTrust
23921398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
23931398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23941398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
23951398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
23961398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23971398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23981398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
23991398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24001398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24011398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24021398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dhcpcsvc6.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf960:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24031398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
24041398.a20: supR3HardenedDllNotificationCallback: load 000007fef4be0000 LB 0x00011000 C:\WINDOWS\system32\dhcpcsvc6.DLL [fFlags=0x0]
24051398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
24061398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4be0000 'C:\WINDOWS\system32\dhcpcsvc6.DLL'
24071398.a20: supR3HardenedMonitor_LdrLoadDll: 'IPHLPAPI.DLL' -> 'C:\WINDOWS\system32\IPHLPAPI.DLL' [rcNt=0xc0150008]
24081398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
24091398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IPHLPAPI.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf960:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24101398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8e0000 'C:\WINDOWS\system32\IPHLPAPI.DLL'
24111398.a20: supR3HardenedMonitor_LdrLoadDll: 'dhcpcsvc.DLL' -> 'C:\WINDOWS\system32\dhcpcsvc.DLL' [rcNt=0xc0150008]
24121398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000978 pwszName=\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
24131398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
24141398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
24151398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
24161398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll'
24171398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24181398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24191398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
24201398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
24211398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
24221398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll)WinVerifyTrust
24231398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
24241398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
24251398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
24261398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
24271398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24281398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24291398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
24301398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24311398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24321398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24331398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24341398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24351398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24361398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dhcpcsvc.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf330:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24371398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
24381398.a20: supR3HardenedDllNotificationCallback: load 000007fef4b70000 LB 0x00018000 C:\WINDOWS\system32\dhcpcsvc.DLL [fFlags=0x0]
24391398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
24401398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4b70000 'C:\WINDOWS\system32\dhcpcsvc.DLL'
24411398.a20: supR3HardenedMonitor_LdrLoadDll: 'IPHLPAPI.DLL' -> 'C:\WINDOWS\system32\IPHLPAPI.DLL' [rcNt=0xc0150008]
24421398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
24431398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IPHLPAPI.DLL *pfFlags=0x0 pwszSearchPath=0000000002acf330:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24441398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8e0000 'C:\WINDOWS\system32\IPHLPAPI.DLL'
24451398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
24461398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32/kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000002acf330:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24471398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
24481398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000777a0000 'C:\WINDOWS\system32/kernel32.dll'
24491398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009d4 pwszName=\Device\HarddiskVolume2\Windows\System32\mswsock.dll
24501398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
24511398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
24521398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8E5754748E0E000AB425BF2AEB177780FB43945
24531398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2888049~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\mswsock.dll'
24541398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24551398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24561398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
24571398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
24581398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
24591398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mswsock.dll)WinVerifyTrust
24601398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mswsock.dll
24611398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24621398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24631398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
24641398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24651398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24661398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24671398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24681398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24691398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
24701398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24711398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24721398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24731398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\mswsock.dll *pfFlags=0x0 pwszSearchPath=0000000002acf450:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24741398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mswsock.dll
24751398.a20: supR3HardenedDllNotificationCallback: load 000007fefcef0000 LB 0x00055000 C:\WINDOWS\system32\mswsock.dll [fFlags=0x0]
24761398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mswsock.dll
24771398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcef0000 'C:\WINDOWS\system32\mswsock.dll'
24781398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009f8 pwszName=\Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
24791398.a20: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006b61f0
24801398.a20: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006b61f0
24811398.a20: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
24821398.a20: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL'
24831398.a20: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24841398.a20: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
24851398.a20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL)WinVerifyTrust
24861398.a20: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
24871398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24881398.a20: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24891398.a20: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
24901398.a20: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wshtcpip.dll *pfFlags=0x0 pwszSearchPath=0000000002acf450:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24911398.a20: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
24921398.a20: supR3HardenedDllNotificationCallback: load 000007fefb800000 LB 0x00007000 C:\WINDOWS\System32\wshtcpip.dll [fFlags=0x0]
24931398.a20: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WSHTCPIP.DLL
24941398.a20: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb800000 'C:\WINDOWS\System32\wshtcpip.dll'
24951398.1fb8: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\WINDOWS\system32\OLEAUT32.dll' [rcNt=0xc0150008]
24961398.1fb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
24971398.1fb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=0000000002acf450:C:\Program Files\Oracle\VirtualBox;C:\WINDOWS\system32 [calling]
24981398.1fb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff7d0000 'C:\WINDOWS\system32\OLEAUT32.dll'
24991398.330: supR3HardenedDllNotificationCallback: Unload 000007fef4940000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
25001398.1f3c: supR3HardenedDllNotificationCallback: Unload 000007fef4950000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
25011398.2064: supR3HardenedDllNotificationCallback: Unload 000007fef49f0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
25021398.21c8: supR3HardenedDllNotificationCallback: Unload 000007fef4a00000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
25031398.23d8: supR3HardenedDllNotificationCallback: Unload 000007fef4a10000 LB 0x00009000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
25041398.a20: supR3HardenedDllNotificationCallback: Unload 000007fefb800000 LB 0x00007000 C:\WINDOWS\System32\wshtcpip.dll [flags=0x0]
25051398.a20: supR3HardenedDllNotificationCallback: Unload 000007fed7490000 LB 0x008bb000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
25061398.a20: supR3HardenedDllNotificationCallback: Unload 000007fef45a0000 LB 0x00034000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
25071398.a20: supR3HardenedDllNotificationCallback: Unload 000007fedecc0000 LB 0x0005f000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
25081398.a20: supR3HardenedDllNotificationCallback: Unload 000007fee3a50000 LB 0x00051000 C:\WINDOWS\system32\newdev.dll [flags=0x0]
25091398.a20: supR3HardenedDllNotificationCallback: Unload 000007fefef50000 LB 0x001d7000 C:\WINDOWS\system32\SETUPAPI.dll [flags=0x0]
25101398.a20: supR3HardenedDllNotificationCallback: Unload 000007fefd750000 LB 0x0001a000 C:\WINDOWS\system32\DEVOBJ.dll [flags=0x0]
25111398.a20: supR3HardenedDllNotificationCallback: Unload 000007fefd950000 LB 0x00036000 C:\WINDOWS\system32\CFGMGR32.dll [flags=0x0]
25121398.a20: supR3HardenedDllNotificationCallback: Unload 000007fefc9d0000 LB 0x00012000 C:\WINDOWS\system32\devrtl.DLL [flags=0x0]
25131398.11c4: supR3HardenedDllNotificationCallback: Unload 000007fef2310000 LB 0x000e2000 C:\WINDOWS\system32\wbem\fastprox.dll [flags=0x0]
25141398.11c4: supR3HardenedDllNotificationCallback: Unload 000007fef22e0000 LB 0x00027000 C:\WINDOWS\system32\NTDSAPI.dll [flags=0x0]
25151398.11c4: supR3HardenedDllNotificationCallback: Unload 000007fef1f20000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [flags=0x0]
25161398.11c4: supR3HardenedDllNotificationCallback: Unload 000007fef9f90000 LB 0x0000f000 C:\WINDOWS\system32\wbem\wbemprox.dll [flags=0x0]
25171398.11c4: supR3HardenedDllNotificationCallback: Unload 000007fef9820000 LB 0x00086000 C:\WINDOWS\system32\wbemcomn.dll [flags=0x0]
25181398.11c4: supR3HardenedDllNotificationCallback: Unload 000007fed9e70000 LB 0x004e7000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
25191398.11c4: Terminating the normal way: rcExit=0
25204fc.22ec: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 145885 ms, the end);
2521191c.2148: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 147055 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy