VirtualBox

Ticket #13677: VBoxStartup.2.log

File VBoxStartup.2.log, 167.0 KB (added by aWin8user, 10 years ago)

Windows 7 - VBoxStartup.log

Line 
11734.1738: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
21734.1738: \SystemRoot\System32\ntdll.dll:
31734.1738: CreationTime: 2013-10-09T02:33:01.070441800Z
41734.1738: LastWriteTime: 2013-08-29T02:16:35.515578900Z
51734.1738: ChangeTime: 2013-10-14T06:04:12.061317000Z
61734.1738: FileAttributes: 0x20
71734.1738: Size: 0x1a6dc0
81734.1738: NT Headers: 0xe0
91734.1738: Timestamp: 0x521eaf24
101734.1738: Machine: 0x8664 - amd64
111734.1738: Timestamp: 0x521eaf24
121734.1738: Image Version: 6.1
131734.1738: SizeOfImage: 0x1a9000 (1740800)
141734.1738: Resource Dir: 0x151000 LB 0x560d8
151734.1738: ProductName: Microsoft® Windows® Operating System
161734.1738: ProductVersion: 6.1.7601.18247
171734.1738: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
181734.1738: FileDescription: NT Layer DLL
191734.1738: \SystemRoot\System32\kernel32.dll:
201734.1738: CreationTime: 2014-04-09T04:29:22.528999500Z
211734.1738: LastWriteTime: 2014-03-04T09:44:00.336000000Z
221734.1738: ChangeTime: 2014-04-23T06:27:11.575749200Z
231734.1738: FileAttributes: 0x20
241734.1738: Size: 0x11c000
251734.1738: NT Headers: 0xe8
261734.1738: Timestamp: 0x5315a059
271734.1738: Machine: 0x8664 - amd64
281734.1738: Timestamp: 0x5315a059
291734.1738: Image Version: 6.1
301734.1738: SizeOfImage: 0x11f000 (1175552)
311734.1738: Resource Dir: 0x116000 LB 0x528
321734.1738: ProductName: Microsoft® Windows® Operating System
331734.1738: ProductVersion: 6.1.7601.18409
341734.1738: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
351734.1738: FileDescription: Windows NT BASE API Client DLL
361734.1738: \SystemRoot\System32\KernelBase.dll:
371734.1738: CreationTime: 2014-05-14T06:20:31.970103000Z
381734.1738: LastWriteTime: 2014-03-04T09:44:00.336000000Z
391734.1738: ChangeTime: 2014-05-14T07:09:24.503136300Z
401734.1738: FileAttributes: 0x20
411734.1738: Size: 0x67c00
421734.1738: NT Headers: 0xe8
431734.1738: Timestamp: 0x5315a05a
441734.1738: Machine: 0x8664 - amd64
451734.1738: Timestamp: 0x5315a05a
461734.1738: Image Version: 6.1
471734.1738: SizeOfImage: 0x6c000 (442368)
481734.1738: Resource Dir: 0x6a000 LB 0x530
491734.1738: ProductName: Microsoft® Windows® Operating System
501734.1738: ProductVersion: 6.1.7601.18409
511734.1738: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
521734.1738: FileDescription: Windows NT BASE API Client DLL
531734.1738: \SystemRoot\System32\apisetschema.dll:
541734.1738: CreationTime: 2013-09-11T03:10:57.247915800Z
551734.1738: LastWriteTime: 2013-08-02T02:12:20.275000000Z
561734.1738: ChangeTime: 2013-09-18T06:03:52.837321500Z
571734.1738: FileAttributes: 0x20
581734.1738: Size: 0x1a00
591734.1738: NT Headers: 0xc0
601734.1738: Timestamp: 0x51fb15ca
611734.1738: Machine: 0x8664 - amd64
621734.1738: Timestamp: 0x51fb15ca
631734.1738: Image Version: 6.1
641734.1738: SizeOfImage: 0x50000 (327680)
651734.1738: Resource Dir: 0x30000 LB 0x3f8
661734.1738: ProductName: Microsoft® Windows® Operating System
671734.1738: ProductVersion: 6.1.7601.18229
681734.1738: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
691734.1738: FileDescription: ApiSet Schema DLL
701734.1738: NtOpenDirectoryObject failed on \Driver: 0xc0000022
711734.1738: supR3HardenedWinFindAdversaries: 0x0
721734.1738: Calling main()
731734.1738: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
741734.1738: SUPR3HardenedMain: Respawn #1
751734.1738: System32: \Device\HarddiskVolume4\Windows\System32
761734.1738: WinSxS: \Device\HarddiskVolume4\Windows\winsxs
771734.1738: KnownDllPath: C:\Windows\system32
781734.1738: '\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
791734.1738: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe)
801734.1738: supR3HardNtEnableThreadCreation:
811734.1738: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770dc340 pvNtTerminateThread=00000000771017e0
821734.1738: supR3HardenedWinDoReSpawn(1): New child 1744.1748 [kernel32].
831734.1738: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd6000 cbPeb=0x380
841734.1738: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770b0000 uNtDllChildAddr=00000000770b0000
851734.1738: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000770dc340
861734.1738: supR3HardenedWinSetupChildInit: Start child.
871734.1738: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
881734.1738: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
891734.1738: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
901734.1738: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
911734.1738: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
921734.1738: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
931734.1738: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
941734.1738: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
951734.1738: 0000000000041000-fffffffffff71fff 0x0001/0x0000 0x0000000
961734.1738: *0000000000110000-0000000000013fff 0x0000/0x0004 0x0020000
971734.1738: 000000000020c000-0000000000208fff 0x0104/0x0004 0x0020000
981734.1738: 000000000020f000-000000000020dfff 0x0004/0x0004 0x0020000
991734.1738: 0000000000210000-ffffffff8936ffff 0x0001/0x0000 0x0000000
1001734.1738: *00000000770b0000-00000000770aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1011734.1738: 00000000770b1000-0000000076faefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1021734.1738: 00000000771b3000-0000000077183fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1031734.1738: 00000000771e2000-00000000771d9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1041734.1738: 00000000771ea000-00000000771e8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1051734.1738: 00000000771eb000-00000000771e7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1061734.1738: 00000000771ee000-0000000077182fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1071734.1738: 0000000077259000-000000006f4d1fff 0x0001/0x0000 0x0000000
1081734.1738: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1091734.1738: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1101734.1738: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1111734.1738: 000000007fff0000-ffffffffc0caffff 0x0001/0x0000 0x0000000
1121734.1738: *000000013f330000-000000013f32efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1131734.1738: 000000013f331000-000000013f2acfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1141734.1738: 000000013f3b5000-000000013f3b3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1151734.1738: 000000013f3b6000-000000013f378fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1161734.1738: 000000013f3f3000-000000013f3f1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1171734.1738: 000000013f3f4000-000000013f3f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1181734.1738: 000000013f3f5000-000000013f3f2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1191734.1738: 000000013f3f7000-000000013f3f5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1201734.1738: 000000013f3f8000-000000013f3f6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1211734.1738: 000000013f3f9000-000000013f3f4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1221734.1738: 000000013f3fd000-000000013f3c3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
1231734.1738: 000000013f436000-fffff8037f49bfff 0x0001/0x0000 0x0000000
1241734.1738: *000007feff3d0000-000007feff3cefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apisetschema.dll
1251734.1738: 000007feff3d1000-000007fdfe7f1fff 0x0001/0x0000 0x0000000
1261734.1738: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
1271734.1738: 000007fffffd3000-000007fffffcffff 0x0001/0x0000 0x0000000
1281734.1738: *000007fffffd6000-000007fffffd4fff 0x0004/0x0004 0x0020000
1291734.1738: 000007fffffd7000-000007fffffcffff 0x0001/0x0000 0x0000000
1301734.1738: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
1311734.1738: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1321734.1738: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
1331734.1738: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
1341734.1738: '\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
1351734.1738: '\Device\HarddiskVolume4\Windows\System32\apisetschema.dll' has no imports
1361734.1738: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
1371734.1738: supR3HardNtChildPurify: Done after 284 ms and 0 fixes (loop #0).
1381744.1748: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
1391744.1748: supR3HardenedVmProcessInit: uNtDllAddr=00000000770b0000
1401744.1748: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
1411744.1748: New simple heap: #1 0000000000310000 LB 0x400000 (for 1740800 allocation)
1421734.1738: supR3HardNtEnableThreadCreation:
1431744.1748: System32: \Device\HarddiskVolume4\Windows\System32
1441744.1748: WinSxS: \Device\HarddiskVolume4\Windows\winsxs
1451744.1748: KnownDllPath: C:\Windows\system32
1461744.1748: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1471744.1748: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1481744.1748: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1491744.1748: Registered Dll notification callback with NTDLL.
1501744.1748: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
1511744.1748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
1521744.1748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
1531744.1748: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1541744.1748: supR3HardenedDllNotificationCallback: load 0000000076e90000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
1551744.1748: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1561744.1748: supR3HardenedDllNotificationCallback: load 000007fefd1c0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
1571744.1748: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
1581744.1748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
1591744.1748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e90000 'C:\Windows\system32\kernel32.dll'
1601744.1748: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770dc340 pvNtTerminateThread=00000000771017e0
1611734.1738: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 21 ms.
1621744.1748: \SystemRoot\System32\ntdll.dll:
1631744.1748: CreationTime: 2013-10-09T02:33:01.070441800Z
1641744.1748: LastWriteTime: 2013-08-29T02:16:35.515578900Z
1651744.1748: ChangeTime: 2013-10-14T06:04:12.061317000Z
1661744.1748: FileAttributes: 0x20
1671744.1748: Size: 0x1a6dc0
1681744.1748: NT Headers: 0xe0
1691744.1748: Timestamp: 0x521eaf24
1701744.1748: Machine: 0x8664 - amd64
1711744.1748: Timestamp: 0x521eaf24
1721744.1748: Image Version: 6.1
1731744.1748: SizeOfImage: 0x1a9000 (1740800)
1741744.1748: Resource Dir: 0x151000 LB 0x560d8
1751744.1748: ProductName: Microsoft® Windows® Operating System
1761744.1748: ProductVersion: 6.1.7601.18247
1771744.1748: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
1781744.1748: FileDescription: NT Layer DLL
1791744.1748: \SystemRoot\System32\kernel32.dll:
1801744.1748: CreationTime: 2014-04-09T04:29:22.528999500Z
1811744.1748: LastWriteTime: 2014-03-04T09:44:00.336000000Z
1821744.1748: ChangeTime: 2014-04-23T06:27:11.575749200Z
1831744.1748: FileAttributes: 0x20
1841744.1748: Size: 0x11c000
1851744.1748: NT Headers: 0xe8
1861744.1748: Timestamp: 0x5315a059
1871744.1748: Machine: 0x8664 - amd64
1881744.1748: Timestamp: 0x5315a059
1891744.1748: Image Version: 6.1
1901744.1748: SizeOfImage: 0x11f000 (1175552)
1911744.1748: Resource Dir: 0x116000 LB 0x528
1921744.1748: ProductName: Microsoft® Windows® Operating System
1931744.1748: ProductVersion: 6.1.7601.18409
1941744.1748: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
1951744.1748: FileDescription: Windows NT BASE API Client DLL
1961744.1748: \SystemRoot\System32\KernelBase.dll:
1971744.1748: CreationTime: 2014-05-14T06:20:31.970103000Z
1981744.1748: LastWriteTime: 2014-03-04T09:44:00.336000000Z
1991744.1748: ChangeTime: 2014-05-14T07:09:24.503136300Z
2001744.1748: FileAttributes: 0x20
2011744.1748: Size: 0x67c00
2021744.1748: NT Headers: 0xe8
2031744.1748: Timestamp: 0x5315a05a
2041744.1748: Machine: 0x8664 - amd64
2051744.1748: Timestamp: 0x5315a05a
2061744.1748: Image Version: 6.1
2071744.1748: SizeOfImage: 0x6c000 (442368)
2081744.1748: Resource Dir: 0x6a000 LB 0x530
2091744.1748: ProductName: Microsoft® Windows® Operating System
2101744.1748: ProductVersion: 6.1.7601.18409
2111744.1748: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
2121744.1748: FileDescription: Windows NT BASE API Client DLL
2131744.1748: \SystemRoot\System32\apisetschema.dll:
2141744.1748: CreationTime: 2013-09-11T03:10:57.247915800Z
2151744.1748: LastWriteTime: 2013-08-02T02:12:20.275000000Z
2161744.1748: ChangeTime: 2013-09-18T06:03:52.837321500Z
2171744.1748: FileAttributes: 0x20
2181744.1748: Size: 0x1a00
2191744.1748: NT Headers: 0xc0
2201744.1748: Timestamp: 0x51fb15ca
2211744.1748: Machine: 0x8664 - amd64
2221744.1748: Timestamp: 0x51fb15ca
2231744.1748: Image Version: 6.1
2241744.1748: SizeOfImage: 0x50000 (327680)
2251744.1748: Resource Dir: 0x30000 LB 0x3f8
2261744.1748: ProductName: Microsoft® Windows® Operating System
2271744.1748: ProductVersion: 6.1.7601.18229
2281744.1748: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
2291744.1748: FileDescription: ApiSet Schema DLL
2301744.1748: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2311744.1748: supR3HardenedWinFindAdversaries: 0x0
2321744.1748: Calling main()
2331744.1748: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2341744.1748: '\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
2351744.1748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe)
2361744.1748: SUPR3HardenedMain: Respawn #2
2371744.1748: supR3HardNtEnableThreadCreation:
2381744.1748: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\apphelp.dll)
2391744.1748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\apphelp.dll
2401744.1748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2411744.1748: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2421744.1748: supR3HardenedDllNotificationCallback: load 000007fefccb0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
2431744.1748: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
2441744.1748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccb0000 'C:\Windows\system32\apphelp.dll'
2451744.1748: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770dc340 pvNtTerminateThread=00000000771017e0
2461744.1748: supR3HardenedWinDoReSpawn(2): New child 1768.176c [kernel32].
2471744.1748: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdd000 cbPeb=0x380
2481744.1748: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770b0000 uNtDllChildAddr=00000000770b0000
2491744.1748: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000770dc340
2501744.1748: supR3HardenedWinSetupChildInit: Start child.
2511744.1748: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
2521744.1748: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 33 sleeps
2531744.1748: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2541744.1748: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
2551744.1748: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
2561744.1748: *0000000000030000-fffffffffff33fff 0x0000/0x0004 0x0020000
2571744.1748: 000000000012c000-0000000000128fff 0x0104/0x0004 0x0020000
2581744.1748: 000000000012f000-000000000012dfff 0x0004/0x0004 0x0020000
2591744.1748: *0000000000130000-000000000012bfff 0x0002/0x0002 0x0040000
2601744.1748: 0000000000134000-0000000000127fff 0x0001/0x0000 0x0000000
2611744.1748: *0000000000140000-000000000013efff 0x0004/0x0004 0x0020000
2621744.1748: 0000000000141000-ffffffff891d1fff 0x0001/0x0000 0x0000000
2631744.1748: *00000000770b0000-00000000770aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2641744.1748: 00000000770b1000-0000000076faefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2651744.1748: 00000000771b3000-0000000077183fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2661744.1748: 00000000771e2000-00000000771d9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2671744.1748: 00000000771ea000-00000000771e8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2681744.1748: 00000000771eb000-00000000771e7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2691744.1748: 00000000771ee000-0000000077182fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2701744.1748: 0000000077259000-000000006f4d1fff 0x0001/0x0000 0x0000000
2711744.1748: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2721744.1748: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2731744.1748: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2741744.1748: 000000007fff0000-ffffffffc0caffff 0x0001/0x0000 0x0000000
2751744.1748: *000000013f330000-000000013f32efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2761744.1748: 000000013f331000-000000013f2acfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2771744.1748: 000000013f3b5000-000000013f3b3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2781744.1748: 000000013f3b6000-000000013f378fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2791744.1748: 000000013f3f3000-000000013f3f1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2801744.1748: 000000013f3f4000-000000013f3f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2811744.1748: 000000013f3f5000-000000013f3f2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2821744.1748: 000000013f3f7000-000000013f3f5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2831744.1748: 000000013f3f8000-000000013f3f6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2841744.1748: 000000013f3f9000-000000013f3f4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2851744.1748: 000000013f3fd000-000000013f3c3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe
2861744.1748: 000000013f436000-fffff8037f49bfff 0x0001/0x0000 0x0000000
2871744.1748: *000007feff3d0000-000007feff3cefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apisetschema.dll
2881744.1748: 000007feff3d1000-000007fdfe7f1fff 0x0001/0x0000 0x0000000
2891744.1748: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2901744.1748: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
2911744.1748: *000007fffffdd000-000007fffffdbfff 0x0004/0x0004 0x0020000
2921744.1748: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
2931744.1748: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2941744.1748: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
2951744.1748: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
2961744.1748: '\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
2971744.1748: '\Device\HarddiskVolume4\Windows\System32\apisetschema.dll' has no imports
2981744.1748: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
2991744.1748: supR3HardNtChildPurify: Done after 285 ms and 0 fixes (loop #0).
3001768.176c: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
3011768.176c: supR3HardenedVmProcessInit: uNtDllAddr=00000000770b0000
3021768.176c: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
3031768.176c: New simple heap: #1 0000000000250000 LB 0x400000 (for 1740800 allocation)
3041744.1748: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000310000 LB 0x400000)
3051744.1748: supR3HardNtEnableThreadCreation:
3061768.176c: System32: \Device\HarddiskVolume4\Windows\System32
3071768.176c: WinSxS: \Device\HarddiskVolume4\Windows\winsxs
3081768.176c: KnownDllPath: C:\Windows\system32
3091768.176c: supR3HardenedVmProcessInit: Opening vboxdrv...
3101768.176c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3111768.176c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3121768.176c: Registered Dll notification callback with NTDLL.
3131768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
3141768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
3151768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
3161768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3171768.176c: supR3HardenedDllNotificationCallback: load 0000000076e90000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
3181768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3191768.176c: supR3HardenedDllNotificationCallback: load 000007fefd1c0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
3201768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
3211768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
3221768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e90000 'C:\Windows\system32\kernel32.dll'
3231768.176c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770dc340 pvNtTerminateThread=00000000771017e0
3241744.1748: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 24 ms.
3251768.176c: \SystemRoot\System32\ntdll.dll:
3261768.176c: CreationTime: 2013-10-09T02:33:01.070441800Z
3271768.176c: LastWriteTime: 2013-08-29T02:16:35.515578900Z
3281768.176c: ChangeTime: 2013-10-14T06:04:12.061317000Z
3291768.176c: FileAttributes: 0x20
3301768.176c: Size: 0x1a6dc0
3311768.176c: NT Headers: 0xe0
3321768.176c: Timestamp: 0x521eaf24
3331768.176c: Machine: 0x8664 - amd64
3341768.176c: Timestamp: 0x521eaf24
3351768.176c: Image Version: 6.1
3361768.176c: SizeOfImage: 0x1a9000 (1740800)
3371768.176c: Resource Dir: 0x151000 LB 0x560d8
3381768.176c: ProductName: Microsoft® Windows® Operating System
3391768.176c: ProductVersion: 6.1.7601.18247
3401768.176c: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
3411768.176c: FileDescription: NT Layer DLL
3421768.176c: \SystemRoot\System32\kernel32.dll:
3431768.176c: CreationTime: 2014-04-09T04:29:22.528999500Z
3441768.176c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3451768.176c: ChangeTime: 2014-04-23T06:27:11.575749200Z
3461768.176c: FileAttributes: 0x20
3471768.176c: Size: 0x11c000
3481768.176c: NT Headers: 0xe8
3491768.176c: Timestamp: 0x5315a059
3501768.176c: Machine: 0x8664 - amd64
3511768.176c: Timestamp: 0x5315a059
3521768.176c: Image Version: 6.1
3531768.176c: SizeOfImage: 0x11f000 (1175552)
3541768.176c: Resource Dir: 0x116000 LB 0x528
3551768.176c: ProductName: Microsoft® Windows® Operating System
3561768.176c: ProductVersion: 6.1.7601.18409
3571768.176c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3581768.176c: FileDescription: Windows NT BASE API Client DLL
3591768.176c: \SystemRoot\System32\KernelBase.dll:
3601768.176c: CreationTime: 2014-05-14T06:20:31.970103000Z
3611768.176c: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3621768.176c: ChangeTime: 2014-05-14T07:09:24.503136300Z
3631768.176c: FileAttributes: 0x20
3641768.176c: Size: 0x67c00
3651768.176c: NT Headers: 0xe8
3661768.176c: Timestamp: 0x5315a05a
3671768.176c: Machine: 0x8664 - amd64
3681768.176c: Timestamp: 0x5315a05a
3691768.176c: Image Version: 6.1
3701768.176c: SizeOfImage: 0x6c000 (442368)
3711768.176c: Resource Dir: 0x6a000 LB 0x530
3721768.176c: ProductName: Microsoft® Windows® Operating System
3731768.176c: ProductVersion: 6.1.7601.18409
3741768.176c: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3751768.176c: FileDescription: Windows NT BASE API Client DLL
3761768.176c: \SystemRoot\System32\apisetschema.dll:
3771768.176c: CreationTime: 2013-09-11T03:10:57.247915800Z
3781768.176c: LastWriteTime: 2013-08-02T02:12:20.275000000Z
3791768.176c: ChangeTime: 2013-09-18T06:03:52.837321500Z
3801768.176c: FileAttributes: 0x20
3811768.176c: Size: 0x1a00
3821768.176c: NT Headers: 0xc0
3831768.176c: Timestamp: 0x51fb15ca
3841768.176c: Machine: 0x8664 - amd64
3851768.176c: Timestamp: 0x51fb15ca
3861768.176c: Image Version: 6.1
3871768.176c: SizeOfImage: 0x50000 (327680)
3881768.176c: Resource Dir: 0x30000 LB 0x3f8
3891768.176c: ProductName: Microsoft® Windows® Operating System
3901768.176c: ProductVersion: 6.1.7601.18229
3911768.176c: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3921768.176c: FileDescription: ApiSet Schema DLL
3931768.176c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3941768.176c: supR3HardenedWinFindAdversaries: 0x0
3951768.176c: Calling main()
3961768.176c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
3971768.176c: '\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
3981768.176c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VirtualBox.exe)
3991768.176c: SUPR3HardenedMain: Final process, opening VBoxDrv...
4001768.176c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000250000 LB 0x400000)
4011768.176c: supR3HardNtEnableThreadCreation:
4021768.176c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll)
4031768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll
4041768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835230:C:\Windows\system32 [calling]
4051768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4061768.176c: supR3HardenedDllNotificationCallback: load 000007fef9c70000 LB 0x00004000 C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4071768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4081768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4091768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
4101768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL'
4111768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4121768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
4131768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL'
4141768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9c70000 'C:\Program Files\Oracle VM VirtualBox\VBoxSupLib.DLL'
4151768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4161768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
4171768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4181768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
4191768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
4201768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
4211768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4221768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4231768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
4241768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
4251768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4261768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4271768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
4281768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
4291768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4301768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4311768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4321768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4331768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
4341768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
4351768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4361768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4371768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
4381768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
4391768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4401768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4411768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4421768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4431768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4441768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4451768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835230:C:\Windows\system32 [calling]
4461768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4471768.176c: supR3HardenedDllNotificationCallback: load 000007fefced0000 LB 0x0003a000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
4481768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4491768.176c: supR3HardenedDllNotificationCallback: load 000007fefd760000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
4501768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4511768.176c: supR3HardenedDllNotificationCallback: load 000007fefd000000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
4521768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4531768.176c: supR3HardenedDllNotificationCallback: load 000007fefce80000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
4541768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4551768.176c: supR3HardenedDllNotificationCallback: load 000007fefd5e0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
4561768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4571768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\Wintrust.dll'
4581768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
4591768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
4601768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
4611768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
4621768.176c: supR3HardenedDllNotificationCallback: load 000007fefc7b0000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
4631768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
4641768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc7b0000 'C:\Windows\system32\CRYPTSP.dll'
4651768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4661768.176c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
4671768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
4681768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4691768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4701768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4711768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
4721768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4731768.176c: supR3HardenedDllNotificationCallback: load 000007fefc390000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
4741768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4751768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc390000 'C:\Windows\system32\rsaenh.dll'
4761768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4771768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4781768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
4791768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
4801768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4811768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4821768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4831768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4841768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4851768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4861768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
4871768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4881768.176c: supR3HardenedDllNotificationCallback: load 000007fefe170000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
4891768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4901768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
4911768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
4921768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
4931768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
4941768.176c: supR3HardenedDllNotificationCallback: load 000007fefe2c0000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
4951768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4961768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe170000 'C:\Windows\system32\ADVAPI32.dll'
4971768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
4981768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
4991768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5001768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5011768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5021768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5031768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5041768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5051768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5061768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5071768.176c: supR3HardenedDllNotificationCallback: load 000007fefcd10000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
5081768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5091768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd10000 'C:\Windows\system32\CRYPTBASE.dll'
5101768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5111768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5121768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e90000 'C:\Windows\system32\kernel32.dll'
5131768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5141768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5151768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefced0000 'C:\Windows\system32\WINTRUST.DLL'
5161768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5171768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5181768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd000000 'C:\Windows\system32\CRYPT32.dll'
5191768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5201768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
5211768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
5221768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
5231768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
5241768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
5251768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5261768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5271768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5281768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5291768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5301768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5311768.176c: supR3HardenedDllNotificationCallback: load 000007fefe150000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
5321768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5331768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe150000 'C:\Windows\system32\imagehlp.dll'
5341768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5351768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5361768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc7b0000 'C:\Windows\system32\CRYPTSP.dll'
5371768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
5381768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
5391768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
5401768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5411768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5421768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
5431768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
5441768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
5451768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
5461768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
5471768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume4\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
5481768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
5491768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
5501768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
5511768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\lpk.dll)
5521768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\lpk.dll
5531768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5541768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5551768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5561768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
5571768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume4\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
5581768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5591768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
5601768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
5611768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\usp10.dll)
5621768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\usp10.dll
5631768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5641768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5651768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5661768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5671768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5681768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5691768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5701768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5711768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5721768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5731768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5741768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5751768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5761768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5771768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5781768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5791768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5801768.176c: supR3HardenedDllNotificationCallback: load 0000000076fb0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
5811768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
5821768.176c: supR3HardenedDllNotificationCallback: load 000007fefe250000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
5831768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5841768.176c: supR3HardenedDllNotificationCallback: load 000007fefd800000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
5851768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\lpk.dll [lacks WinVerifyTrust]
5861768.176c: supR3HardenedDllNotificationCallback: load 000007fefe500000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
5871768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\usp10.dll [lacks WinVerifyTrust]
5881768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5891768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
5901768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe250000 'C:\Windows\system32\gdi32.dll'
5911768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
5921768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
5931768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
5941768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
5951768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
5961768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
5971768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
5981768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5991768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
6001768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
6011768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
6021768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
6031768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
6041768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6051768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6061768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6071768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6081768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6091768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
6101768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
6111768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
6121768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6131768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6141768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6151768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6161768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6171768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6181768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
6191768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6201768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6211768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6221768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
6231768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6241768.176c: supR3HardenedDllNotificationCallback: load 000007fefe2f0000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
6251768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6261768.176c: supR3HardenedDllNotificationCallback: load 000007fefddb0000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
6271768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [lacks WinVerifyTrust]
6281768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2f0000 'C:\Windows\system32\IMM32.DLL'
6291768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076fb0000 'C:\Windows\system32\USER32.dll'
6301768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
6311768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
6321768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
6331768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ncrypt.dll)
6341768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ncrypt.dll
6351768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6361768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
6371768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6381768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6391768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6401768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6411768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6421768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6431768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
6441768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
6451768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
6461768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
6471768.176c: supR3HardenedDllNotificationCallback: load 000007fefc830000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
6481768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
6491768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6501768.176c: supR3HardenedDllNotificationCallback: load 000007fefc800000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
6511768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6521768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc830000 'C:\Windows\system32\ncrypt.dll'
6531768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
6541768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
6551768.176c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
6561768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
6571768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6581768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6591768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6601768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6611768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
6621768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
6631768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
6641768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6651768.176c: supR3HardenedDllNotificationCallback: load 000007fefc1a0000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
6661768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6671768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc1a0000 'C:\Windows\system32\bcryptprimitives.dll'
6681768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6691768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
6701768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc800000 'C:\Windows\system32\bcrypt.dll'
6711768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6721768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
6731768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
6741768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\userenv.dll)
6751768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
6761768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
6771768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
6781768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6791768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
6801768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
6811768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6821768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6831768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6841768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6851768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6861768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6871768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6881768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6891768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6901768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
6911768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust]
6921768.176c: supR3HardenedDllNotificationCallback: load 000007fefcf10000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
6931768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\userenv.dll [lacks WinVerifyTrust]
6941768.176c: supR3HardenedDllNotificationCallback: load 000007fefce70000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
6951768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
6961768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf10000 'C:\Windows\system32\USERENV.dll'
6971768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
6981768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
6991768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7001768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7011768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7021768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
7031768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
7041768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
7051768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7061768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7071768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7081768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7091768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7101768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7111768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7121768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7131768.176c: supR3HardenedDllNotificationCallback: load 000007fefc1f0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
7141768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7151768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc1f0000 'C:\Windows\system32\GPAPI.dll'
7161768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7171768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
7181768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7191768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7201768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd5e0000 'C:\Windows\system32\rpcrt4.dll'
7211768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7221768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
7231768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7241768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7251768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7261768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
7271768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
7281768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
7291768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
7301768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
7311768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
7321768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
7331768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7341768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\Wldap32.dll)
7351768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Wldap32.dll
7361768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7371768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7381768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7391768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7401768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
7411768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7421768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7431768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7441768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7451768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7461768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7471768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7481768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7491768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7501768.176c: supR3HardenedDllNotificationCallback: load 000007fef8a20000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
7511768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7521768.176c: supR3HardenedDllNotificationCallback: load 000007fefe5d0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
7531768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
7541768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7551768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7561768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7571768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7581768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7591768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7601768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7611768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7621768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7631768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7641768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7651768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7661768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7671768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7681768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7691768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7701768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7711768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7721768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7731768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7741768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7751768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7761768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7771768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7781768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7791768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7801768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7811768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7821768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7831768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7841768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8a20000 'C:\Windows\system32\cryptnet.dll'
7851768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7861768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7871768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
7881768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
7891768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce70000 'C:\Windows\system32\profapi.dll'
7901768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
7911768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
7921768.176c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
7931768.176c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
7941768.176c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
7951768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7961768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7971768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7981768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7991768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8001768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
8011768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8021768.176c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8031768.176c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8041768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8051768.176c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8061768.176c: supR3HardenedDllNotificationCallback: load 000007fefd810000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
8071768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8081768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd810000 'C:\Windows\system32\SHLWAPI.dll'
8091768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8101768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8111768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8121768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
8131768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8141768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8151768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8161768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
8171768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8181768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
8191768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8201768.176c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8211768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe170000 'C:\Windows\system32\ADVAPI32.dll'
8221768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8231768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8241768.176c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000835fc0:C:\Program Files\Oracle VM VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;D:\sybase\DBISQL-16_0\bin;D:\sybase\DataAccess64\ADONET\dll;D:\sybase\DataAccess\ADONET\dll;D:\sybase\DataAccess64\ODBC\dll;D:\sybase\DataAccess\ODBC\dll;D:\sybase\OCS-16_0\lib3p64;D:\sybase\OCS-16_0\lib3p;D:\sybase\OCS-16_0\dll;D:\sybase\OCS-16_0\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\SenchaSDKTools-2.0.0-beta3;D:\sybase\DataAccess\OLEDB\dll;D:\sybase\Shared\Sybase Central 4.3;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Java\jre6\bin\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\CVSNT\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\nodejs\;C:\Program Files\TortoiseGit\bin;C:\Users\mlipinski\AppData\Roaming\npm [calling]
8251768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2c0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8261768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8271768.176c: g_pfnWinVerifyTrust=000007fefced1010
8281768.176c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8291768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume4\Windows\System32\crypt32.dll
8301768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
8311768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8321768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38
8331768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8341768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8351768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8361768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38
8371768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8381768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8391768.176c: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
8401768.176c: Error (rc=0):
8411768.176c: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8421768.176c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8431768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume4\Windows\System32\wintrust.dll
8441768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
8451768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8461768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
8471768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8481768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8491768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8501768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
8511768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8521768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8531768.176c: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
8541768.176c: Error (rc=0):
8551768.176c: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume4\Windows\System32\wintrust.dll
8561768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume4\Windows\System32\shlwapi.dll
8571768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
8581768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8591768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
8601768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8611768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8621768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8631768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
8641768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8651768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8661768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
8671768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume4\Windows\System32\Wldap32.dll
8681768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
8691768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8701768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
8711768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8721768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8731768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8741768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
8751768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8761768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8771768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
8781768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
8791768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
8801768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8811768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
8821768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8831768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8841768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8851768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
8861768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8871768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8881768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
8891768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000025c pwszName=\Device\HarddiskVolume4\Windows\System32\gpapi.dll
8901768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
8911768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8921768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
8931768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8941768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
8951768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
8961768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
8971768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8981768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8991768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
9001768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume4\Windows\System32\profapi.dll
9011768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9021768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9031768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
9041768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9051768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9061768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9071768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
9081768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9091768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9101768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
9111768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume4\Windows\System32\userenv.dll
9121768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9131768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9141768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
9151768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9161768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9171768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9181768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
9191768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9201768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9211768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\userenv.dll'
9221768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
9231768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume4\Windows\System32\bcrypt.dll
9241768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9251768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9261768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
9271768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9281768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9291768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9301768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
9311768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9321768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9331768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
9341768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume4\Windows\System32\ncrypt.dll
9351768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9361768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9371768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
9381768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9391768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9401768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9411768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
9421768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9431768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9441768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ncrypt.dll'
9451768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume4\Windows\System32\msctf.dll
9461768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9471768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9481768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
9491768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9501768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9511768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9521768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
9531768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9541768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9551768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
9561768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume4\Windows\System32\imm32.dll
9571768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9581768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9591768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
9601768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9611768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9621768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9631768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
9641768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9651768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9661768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
9671768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume4\Windows\System32\usp10.dll
9681768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9691768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9701768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
9711768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9721768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9731768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9741768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
9751768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9761768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9771768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\usp10.dll'
9781768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume4\Windows\System32\lpk.dll
9791768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9801768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9811768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
9821768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9831768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9841768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9851768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
9861768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9871768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9881768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\lpk.dll'
9891768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume4\Windows\System32\gdi32.dll
9901768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
9911768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9921768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
9931768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9941768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
9951768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
9961768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
9971768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9981768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9991768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
10001768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume4\Windows\System32\user32.dll
10011768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10021768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10031768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
10041768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10051768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10061768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10071768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
10081768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10091768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10101768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
10111768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume4\Windows\System32\imagehlp.dll
10121768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10131768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10141768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
10151768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10161768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10171768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10181768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
10191768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10201768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10211768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
10221768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptbase.dll
10231768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10241768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10251768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
10261768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10271768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10281768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10291768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
10301768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10311768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10321768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
10331768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume4\Windows\System32\sechost.dll
10341768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10351768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10361768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
10371768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10381768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10391768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10401768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
10411768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10421768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10431768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
10441768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume4\Windows\System32\advapi32.dll
10451768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10461768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10471768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
10481768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10491768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10501768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10511768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
10521768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10531768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10541768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
10551768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
10561768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptsp.dll
10571768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10581768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10591768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
10601768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10611768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10621768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10631768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
10641768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10651768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10661768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
10671768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume4\Windows\System32\msvcrt.dll
10681768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10691768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10701768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
10711768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10721768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10731768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10741768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
10751768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10761768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10771768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
10781768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume4\Windows\System32\msasn1.dll
10791768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10801768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10811768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
10821768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10831768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10841768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10851768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
10861768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10871768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10881768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
10891768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
10901768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
10911768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10921768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
10931768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10941768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
10951768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
10961768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
10971768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10981768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10991768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
11001768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle VM VirtualBox\VBoxSupLib.dll'
11011768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume4\Windows\System32\KernelBase.dll
11021768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
11031768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
11041768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
11051768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
11061768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
11071768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
11081768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
11091768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
11101768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
11111768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
11121768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume4\Windows\System32\kernel32.dll
11131768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000876f20
11141768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
11151768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
11161768.176c: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
11171768.176c: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000876f20
11181768.176c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000876f20
11191768.176c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
11201768.176c: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
11211768.176c: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
11221768.176c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
11231768.176c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
11241768.176c: Error (rc=0):
11251768.176c: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume4\Windows\System32\crypt32.dll
11261768.176c: Error (rc=0):
11271768.176c: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\crypt32.dll' (C:\Windows\system32\crypt32.dll): rcNt=0xc0000190
11281768.176c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\crypt32.dll'
11291768.176c: Fatal error:
11301768.176c: Error loading 'crypt32.dll': 1790 [C:\Windows\system32\crypt32.dll]
11311744.1748: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 185 ms, the end);
11321734.1738: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 505 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy