| 1 | fe8.fb4: \Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL: Owner is administrators group.
|
|---|
| 2 | fe8.fb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL'.
|
|---|
| 3 | fe8.fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
|
|---|
| 4 | fe8.fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
|
|---|
| 5 | fe8.fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shell32.dll'.
|
|---|
| 6 | fe8.fb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL)
|
|---|
| 7 | fe8.fb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL
|
|---|
| 8 | fe8.fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
|
|---|
| 9 | fe8.fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume6\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 10 | fe8.fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume6\Windows\System32\shell32.dll [redoing WinVerifyTrust]
|
|---|
| 11 | fe8.fb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume6\Windows\System32\shell32.dll'.
|
|---|
| 12 | fe8.fb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume6\Windows\System32\shell32.dll
|
|---|
| 13 | fe8.fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
|
|---|
| 14 | fe8.fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume6\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 15 | fe8.fb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume6\Windows\System32\advapi32.dll
|
|---|
| 16 | fe8.fb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
|
|---|
| 17 | fe8.fb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume6\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
|
|---|
| 18 | fe8.fb4: supR3HardenedMonitor_LdrLoadDll: pName=c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
|
|---|
| 19 | fe8.fb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL [avoiding WinVerifyTrust]
|
|---|
| 20 | fe8.fb4: supR3HardenedDllNotificationCallback: load 00007ff92e2d0000 LB 0x00160000 c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll [fFlags=0x0]
|
|---|
| 21 | fe8.fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL [avoiding WinVerifyTrust]
|
|---|
| 22 | fe8.fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff92e2d0000 'c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll'
|
|---|
| 23 | fe8.fb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL'.
|
|---|
| 24 | fe8.fb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume6\Program Files\Agnitum\Outpost Firewall Pro\WL_HOO~1.DLL' [rescheduled]
|
|---|
| 25 | fe8.fb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume6\Windows\System32\advapi32.dll
|
|---|
| 26 | fe8.fb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
|
|---|
| 27 | fe8.fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff930a50000 'C:\Windows\system32\ADVAPI32.DLL'
|
|---|
| 28 | fe8.fb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff912a70000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
|
|---|
| 29 | fe8.fb4: SUPR3HardenedMain: Calling TrustedMain (00007ff912a716c0)...
|
|---|
| 30 | fe8.fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
|
|---|
| 31 | fe8.fb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'combase.dll'.
|
|---|