VirtualBox

Ticket #13685: VBoxStartup.log

File VBoxStartup.log, 125.5 KB (added by Medroa, 10 years ago)
Line 
11fac.22c0: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
21fac.22c0: \SystemRoot\System32\ntdll.dll:
31fac.22c0: CreationTime: 2013-10-12T12:12:00.155698000Z
41fac.22c0: LastWriteTime: 2013-08-29T02:16:35.515578900Z
51fac.22c0: ChangeTime: 2013-10-12T12:30:23.157235500Z
61fac.22c0: FileAttributes: 0x20
71fac.22c0: Size: 0x1a6dc0
81fac.22c0: NT Headers: 0xe0
91fac.22c0: Timestamp: 0x521eaf24
101fac.22c0: Machine: 0x8664 - amd64
111fac.22c0: Timestamp: 0x521eaf24
121fac.22c0: Image Version: 6.1
131fac.22c0: SizeOfImage: 0x1a9000 (1740800)
141fac.22c0: Resource Dir: 0x151000 LB 0x560d8
151fac.22c0: ProductName: Microsoft® Windows® Operating System
161fac.22c0: ProductVersion: 6.1.7601.18247
171fac.22c0: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
181fac.22c0: FileDescription: NT Layer DLL
191fac.22c0: \SystemRoot\System32\kernel32.dll:
201fac.22c0: CreationTime: 2014-06-03T17:44:51.858303500Z
211fac.22c0: LastWriteTime: 2014-03-04T09:44:00.336000000Z
221fac.22c0: ChangeTime: 2014-06-03T18:22:58.311054100Z
231fac.22c0: FileAttributes: 0x20
241fac.22c0: Size: 0x11c000
251fac.22c0: NT Headers: 0xe8
261fac.22c0: Timestamp: 0x5315a059
271fac.22c0: Machine: 0x8664 - amd64
281fac.22c0: Timestamp: 0x5315a059
291fac.22c0: Image Version: 6.1
301fac.22c0: SizeOfImage: 0x11f000 (1175552)
311fac.22c0: Resource Dir: 0x116000 LB 0x528
321fac.22c0: ProductName: Microsoft® Windows® Operating System
331fac.22c0: ProductVersion: 6.1.7601.18409
341fac.22c0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
351fac.22c0: FileDescription: Windows NT BASE API Client DLL
361fac.22c0: \SystemRoot\System32\KernelBase.dll:
371fac.22c0: CreationTime: 2014-06-03T17:45:54.946911900Z
381fac.22c0: LastWriteTime: 2014-03-04T09:44:00.336000000Z
391fac.22c0: ChangeTime: 2014-06-03T18:23:01.087858900Z
401fac.22c0: FileAttributes: 0x20
411fac.22c0: Size: 0x67c00
421fac.22c0: NT Headers: 0xe8
431fac.22c0: Timestamp: 0x5315a05a
441fac.22c0: Machine: 0x8664 - amd64
451fac.22c0: Timestamp: 0x5315a05a
461fac.22c0: Image Version: 6.1
471fac.22c0: SizeOfImage: 0x6c000 (442368)
481fac.22c0: Resource Dir: 0x6a000 LB 0x530
491fac.22c0: ProductName: Microsoft® Windows® Operating System
501fac.22c0: ProductVersion: 6.1.7601.18409
511fac.22c0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
521fac.22c0: FileDescription: Windows NT BASE API Client DLL
531fac.22c0: \SystemRoot\System32\apisetschema.dll:
541fac.22c0: CreationTime: 2013-10-08T15:39:45.507886100Z
551fac.22c0: LastWriteTime: 2013-08-02T02:12:20.275000000Z
561fac.22c0: ChangeTime: 2013-10-08T15:47:12.448087700Z
571fac.22c0: FileAttributes: 0x20
581fac.22c0: Size: 0x1a00
591fac.22c0: NT Headers: 0xc0
601fac.22c0: Timestamp: 0x51fb15ca
611fac.22c0: Machine: 0x8664 - amd64
621fac.22c0: Timestamp: 0x51fb15ca
631fac.22c0: Image Version: 6.1
641fac.22c0: SizeOfImage: 0x50000 (327680)
651fac.22c0: Resource Dir: 0x30000 LB 0x3f8
661fac.22c0: ProductName: Microsoft® Windows® Operating System
671fac.22c0: ProductVersion: 6.1.7601.18229
681fac.22c0: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
691fac.22c0: FileDescription: ApiSet Schema DLL
701fac.22c0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
711fac.22c0: supR3HardenedWinFindAdversaries: 0x0
721fac.22c0: Calling main()
731fac.22c0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
741fac.22c0: SUPR3HardenedMain: Respawn #1
751fac.22c0: System32: \Device\HarddiskVolume1\Windows\System32
761fac.22c0: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
771fac.22c0: KnownDllPath: C:\Windows\system32
781fac.22c0: '\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe' has no imports
791fac.22c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe)
801fac.22c0: supR3HardNtEnableThreadCreation:
811fac.22c0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770cc340 pvNtTerminateThread=00000000770f17e0
821fac.22c0: supR3HardenedWinDoReSpawn(1): New child b98.2398 [kernel32].
831fac.22c0: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd8000 cbPeb=0x380
841fac.22c0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770a0000 uNtDllChildAddr=00000000770a0000
851fac.22c0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000770cc340
861fac.22c0: supR3HardenedWinSetupChildInit: Start child.
871fac.22c0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
881fac.22c0: supR3HardNtChildPurify: Startup delay kludge #1/0: 265 ms, 17 sleeps
891fac.22c0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
901fac.22c0: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
911fac.22c0: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
921fac.22c0: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
931fac.22c0: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
941fac.22c0: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
951fac.22c0: 0000000000041000-fffffffffffe1fff 0x0001/0x0000 0x0000000
961fac.22c0: *00000000000a0000-fffffffffffa3fff 0x0000/0x0004 0x0020000
971fac.22c0: 000000000019c000-0000000000198fff 0x0104/0x0004 0x0020000
981fac.22c0: 000000000019f000-000000000019dfff 0x0004/0x0004 0x0020000
991fac.22c0: 00000000001a0000-ffffffff8929ffff 0x0001/0x0000 0x0000000
1001fac.22c0: *00000000770a0000-000000007709efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1011fac.22c0: 00000000770a1000-0000000076f9efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1021fac.22c0: 00000000771a3000-0000000077173fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1031fac.22c0: 00000000771d2000-00000000771c9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1041fac.22c0: 00000000771da000-00000000771d8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1051fac.22c0: 00000000771db000-00000000771d7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1061fac.22c0: 00000000771de000-0000000077172fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
1071fac.22c0: 0000000077249000-000000006f4b1fff 0x0001/0x0000 0x0000000
1081fac.22c0: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
1091fac.22c0: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
1101fac.22c0: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
1111fac.22c0: 000000007fff0000-ffffffffc039ffff 0x0001/0x0000 0x0000000
1121fac.22c0: *000000013fc40000-000000013fc3efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1131fac.22c0: 000000013fc41000-000000013fbbcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1141fac.22c0: 000000013fcc5000-000000013fcc3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1151fac.22c0: 000000013fcc6000-000000013fc88fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1161fac.22c0: 000000013fd03000-000000013fd01fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1171fac.22c0: 000000013fd04000-000000013fd02fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1181fac.22c0: 000000013fd05000-000000013fd02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1191fac.22c0: 000000013fd07000-000000013fd05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1201fac.22c0: 000000013fd08000-000000013fd06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1211fac.22c0: 000000013fd09000-000000013fd04fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1221fac.22c0: 000000013fd0d000-000000013fcd3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
1231fac.22c0: 000000013fd46000-fffff803806cbfff 0x0001/0x0000 0x0000000
1241fac.22c0: *000007feff3c0000-000007feff3befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
1251fac.22c0: 000007feff3c1000-000007fdfe7e1fff 0x0001/0x0000 0x0000000
1261fac.22c0: *000007fffffa0000-000007fffff6cfff 0x0002/0x0002 0x0040000
1271fac.22c0: 000007fffffd3000-000007fffffcdfff 0x0001/0x0000 0x0000000
1281fac.22c0: *000007fffffd8000-000007fffffd6fff 0x0004/0x0004 0x0020000
1291fac.22c0: 000007fffffd9000-000007fffffd3fff 0x0001/0x0000 0x0000000
1301fac.22c0: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
1311fac.22c0: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
1321fac.22c0: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
1331fac.22c0: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
1341fac.22c0: '\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe' has no imports
1351fac.22c0: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
1361fac.22c0: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
1371fac.22c0: supR3HardNtChildPurify: Done after 297 ms and 0 fixes (loop #0).
138b98.2398: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
139b98.2398: supR3HardenedVmProcessInit: uNtDllAddr=00000000770a0000
1401fac.22c0: supR3HardNtEnableThreadCreation:
141b98.2398: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
142b98.2398: New simple heap: #1 00000000002a0000 LB 0x400000 (for 1740800 allocation)
143b98.2398: System32: \Device\HarddiskVolume1\Windows\System32
144b98.2398: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
145b98.2398: KnownDllPath: C:\Windows\system32
146b98.2398: supR3HardenedVmProcessInit: Opening vboxdrv stub...
147b98.2398: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
148b98.2398: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
149b98.2398: Registered Dll notification callback with NTDLL.
150b98.2398: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
151b98.2398: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
152b98.2398: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
153b98.2398: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
154b98.2398: supR3HardenedDllNotificationCallback: load 0000000076f80000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
155b98.2398: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
156b98.2398: supR3HardenedDllNotificationCallback: load 000007fefcfa0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
157b98.2398: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
158b98.2398: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
159b98.2398: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076f80000 'C:\Windows\system32\kernel32.dll'
160b98.2398: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770cc340 pvNtTerminateThread=00000000770f17e0
1611fac.22c0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 15 ms.
162b98.2398: \SystemRoot\System32\ntdll.dll:
163b98.2398: CreationTime: 2013-10-12T12:12:00.155698000Z
164b98.2398: LastWriteTime: 2013-08-29T02:16:35.515578900Z
165b98.2398: ChangeTime: 2013-10-12T12:30:23.157235500Z
166b98.2398: FileAttributes: 0x20
167b98.2398: Size: 0x1a6dc0
168b98.2398: NT Headers: 0xe0
169b98.2398: Timestamp: 0x521eaf24
170b98.2398: Machine: 0x8664 - amd64
171b98.2398: Timestamp: 0x521eaf24
172b98.2398: Image Version: 6.1
173b98.2398: SizeOfImage: 0x1a9000 (1740800)
174b98.2398: Resource Dir: 0x151000 LB 0x560d8
175b98.2398: ProductName: Microsoft® Windows® Operating System
176b98.2398: ProductVersion: 6.1.7601.18247
177b98.2398: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
178b98.2398: FileDescription: NT Layer DLL
179b98.2398: \SystemRoot\System32\kernel32.dll:
180b98.2398: CreationTime: 2014-06-03T17:44:51.858303500Z
181b98.2398: LastWriteTime: 2014-03-04T09:44:00.336000000Z
182b98.2398: ChangeTime: 2014-06-03T18:22:58.311054100Z
183b98.2398: FileAttributes: 0x20
184b98.2398: Size: 0x11c000
185b98.2398: NT Headers: 0xe8
186b98.2398: Timestamp: 0x5315a059
187b98.2398: Machine: 0x8664 - amd64
188b98.2398: Timestamp: 0x5315a059
189b98.2398: Image Version: 6.1
190b98.2398: SizeOfImage: 0x11f000 (1175552)
191b98.2398: Resource Dir: 0x116000 LB 0x528
192b98.2398: ProductName: Microsoft® Windows® Operating System
193b98.2398: ProductVersion: 6.1.7601.18409
194b98.2398: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
195b98.2398: FileDescription: Windows NT BASE API Client DLL
196b98.2398: \SystemRoot\System32\KernelBase.dll:
197b98.2398: CreationTime: 2014-06-03T17:45:54.946911900Z
198b98.2398: LastWriteTime: 2014-03-04T09:44:00.336000000Z
199b98.2398: ChangeTime: 2014-06-03T18:23:01.087858900Z
200b98.2398: FileAttributes: 0x20
201b98.2398: Size: 0x67c00
202b98.2398: NT Headers: 0xe8
203b98.2398: Timestamp: 0x5315a05a
204b98.2398: Machine: 0x8664 - amd64
205b98.2398: Timestamp: 0x5315a05a
206b98.2398: Image Version: 6.1
207b98.2398: SizeOfImage: 0x6c000 (442368)
208b98.2398: Resource Dir: 0x6a000 LB 0x530
209b98.2398: ProductName: Microsoft® Windows® Operating System
210b98.2398: ProductVersion: 6.1.7601.18409
211b98.2398: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
212b98.2398: FileDescription: Windows NT BASE API Client DLL
213b98.2398: \SystemRoot\System32\apisetschema.dll:
214b98.2398: CreationTime: 2013-10-08T15:39:45.507886100Z
215b98.2398: LastWriteTime: 2013-08-02T02:12:20.275000000Z
216b98.2398: ChangeTime: 2013-10-08T15:47:12.448087700Z
217b98.2398: FileAttributes: 0x20
218b98.2398: Size: 0x1a00
219b98.2398: NT Headers: 0xc0
220b98.2398: Timestamp: 0x51fb15ca
221b98.2398: Machine: 0x8664 - amd64
222b98.2398: Timestamp: 0x51fb15ca
223b98.2398: Image Version: 6.1
224b98.2398: SizeOfImage: 0x50000 (327680)
225b98.2398: Resource Dir: 0x30000 LB 0x3f8
226b98.2398: ProductName: Microsoft® Windows® Operating System
227b98.2398: ProductVersion: 6.1.7601.18229
228b98.2398: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
229b98.2398: FileDescription: ApiSet Schema DLL
230b98.2398: NtOpenDirectoryObject failed on \Driver: 0xc0000022
231b98.2398: supR3HardenedWinFindAdversaries: 0x0
232b98.2398: Calling main()
233b98.2398: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
234b98.2398: '\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe' has no imports
235b98.2398: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe)
236b98.2398: SUPR3HardenedMain: Respawn #2
237b98.2398: supR3HardNtEnableThreadCreation:
238b98.2398: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\apphelp.dll)
239b98.2398: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\apphelp.dll
240b98.2398: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
241b98.2398: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
242b98.2398: supR3HardenedDllNotificationCallback: load 000007fefcca0000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
243b98.2398: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
244b98.2398: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcca0000 'C:\Windows\system32\apphelp.dll'
245b98.2398: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770cc340 pvNtTerminateThread=00000000770f17e0
246b98.2398: supR3HardenedWinDoReSpawn(2): New child 1ca8.1e14 [kernel32].
247b98.2398: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd5000 cbPeb=0x380
248b98.2398: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000770a0000 uNtDllChildAddr=00000000770a0000
249b98.2398: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000770cc340
250b98.2398: supR3HardenedWinSetupChildInit: Start child.
251b98.2398: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
252b98.2398: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 19 sleeps
253b98.2398: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
254b98.2398: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
255b98.2398: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
256b98.2398: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
257b98.2398: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
258b98.2398: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
259b98.2398: 0000000000041000-fffffffffff11fff 0x0001/0x0000 0x0000000
260b98.2398: *0000000000170000-0000000000073fff 0x0000/0x0004 0x0020000
261b98.2398: 000000000026c000-0000000000268fff 0x0104/0x0004 0x0020000
262b98.2398: 000000000026f000-000000000026dfff 0x0004/0x0004 0x0020000
263b98.2398: 0000000000270000-ffffffff8943ffff 0x0001/0x0000 0x0000000
264b98.2398: *00000000770a0000-000000007709efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
265b98.2398: 00000000770a1000-0000000076f9efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
266b98.2398: 00000000771a3000-0000000077173fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
267b98.2398: 00000000771d2000-00000000771c9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
268b98.2398: 00000000771da000-00000000771d8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
269b98.2398: 00000000771db000-00000000771d7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
270b98.2398: 00000000771de000-0000000077172fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
271b98.2398: 0000000077249000-000000006f4b1fff 0x0001/0x0000 0x0000000
272b98.2398: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
273b98.2398: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
274b98.2398: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
275b98.2398: 000000007fff0000-ffffffffc039ffff 0x0001/0x0000 0x0000000
276b98.2398: *000000013fc40000-000000013fc3efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
277b98.2398: 000000013fc41000-000000013fbbcfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
278b98.2398: 000000013fcc5000-000000013fcc3fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
279b98.2398: 000000013fcc6000-000000013fc88fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
280b98.2398: 000000013fd03000-000000013fd01fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
281b98.2398: 000000013fd04000-000000013fd02fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
282b98.2398: 000000013fd05000-000000013fd02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
283b98.2398: 000000013fd07000-000000013fd05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
284b98.2398: 000000013fd08000-000000013fd06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
285b98.2398: 000000013fd09000-000000013fd04fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
286b98.2398: 000000013fd0d000-000000013fcd3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe
287b98.2398: 000000013fd46000-fffff803806cbfff 0x0001/0x0000 0x0000000
288b98.2398: *000007feff3c0000-000007feff3befff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\apisetschema.dll
289b98.2398: 000007feff3c1000-000007fdfe7e1fff 0x0001/0x0000 0x0000000
290b98.2398: *000007fffffa0000-000007fffff6cfff 0x0002/0x0002 0x0040000
291b98.2398: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
292b98.2398: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
293b98.2398: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
294b98.2398: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
295b98.2398: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
296b98.2398: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
297b98.2398: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
298b98.2398: '\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe' has no imports
299b98.2398: '\Device\HarddiskVolume1\Windows\System32\apisetschema.dll' has no imports
300b98.2398: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
301b98.2398: supR3HardNtChildPurify: Done after 290 ms and 0 fixes (loop #0).
3021ca8.1e14: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
3031ca8.1e14: supR3HardenedVmProcessInit: uNtDllAddr=00000000770a0000
304b98.2398: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002a0000 LB 0x400000)
305b98.2398: supR3HardNtEnableThreadCreation:
3061ca8.1e14: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
3071ca8.1e14: New simple heap: #1 0000000000270000 LB 0x400000 (for 1740800 allocation)
3081ca8.1e14: System32: \Device\HarddiskVolume1\Windows\System32
3091ca8.1e14: WinSxS: \Device\HarddiskVolume1\Windows\winsxs
3101ca8.1e14: KnownDllPath: C:\Windows\system32
3111ca8.1e14: supR3HardenedVmProcessInit: Opening vboxdrv...
3121ca8.1e14: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3131ca8.1e14: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3141ca8.1e14: Registered Dll notification callback with NTDLL.
3151ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
3161ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
3171ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
3181ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3191ca8.1e14: supR3HardenedDllNotificationCallback: load 0000000076f80000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
3201ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3211ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefcfa0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
3221ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
3231ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
3241ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076f80000 'C:\Windows\system32\kernel32.dll'
3251ca8.1e14: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000770cc340 pvNtTerminateThread=00000000770f17e0
326b98.2398: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 28 ms.
3271ca8.1e14: \SystemRoot\System32\ntdll.dll:
3281ca8.1e14: CreationTime: 2013-10-12T12:12:00.155698000Z
3291ca8.1e14: LastWriteTime: 2013-08-29T02:16:35.515578900Z
3301ca8.1e14: ChangeTime: 2013-10-12T12:30:23.157235500Z
3311ca8.1e14: FileAttributes: 0x20
3321ca8.1e14: Size: 0x1a6dc0
3331ca8.1e14: NT Headers: 0xe0
3341ca8.1e14: Timestamp: 0x521eaf24
3351ca8.1e14: Machine: 0x8664 - amd64
3361ca8.1e14: Timestamp: 0x521eaf24
3371ca8.1e14: Image Version: 6.1
3381ca8.1e14: SizeOfImage: 0x1a9000 (1740800)
3391ca8.1e14: Resource Dir: 0x151000 LB 0x560d8
3401ca8.1e14: ProductName: Microsoft® Windows® Operating System
3411ca8.1e14: ProductVersion: 6.1.7601.18247
3421ca8.1e14: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
3431ca8.1e14: FileDescription: NT Layer DLL
3441ca8.1e14: \SystemRoot\System32\kernel32.dll:
3451ca8.1e14: CreationTime: 2014-06-03T17:44:51.858303500Z
3461ca8.1e14: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3471ca8.1e14: ChangeTime: 2014-06-03T18:22:58.311054100Z
3481ca8.1e14: FileAttributes: 0x20
3491ca8.1e14: Size: 0x11c000
3501ca8.1e14: NT Headers: 0xe8
3511ca8.1e14: Timestamp: 0x5315a059
3521ca8.1e14: Machine: 0x8664 - amd64
3531ca8.1e14: Timestamp: 0x5315a059
3541ca8.1e14: Image Version: 6.1
3551ca8.1e14: SizeOfImage: 0x11f000 (1175552)
3561ca8.1e14: Resource Dir: 0x116000 LB 0x528
3571ca8.1e14: ProductName: Microsoft® Windows® Operating System
3581ca8.1e14: ProductVersion: 6.1.7601.18409
3591ca8.1e14: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3601ca8.1e14: FileDescription: Windows NT BASE API Client DLL
3611ca8.1e14: \SystemRoot\System32\KernelBase.dll:
3621ca8.1e14: CreationTime: 2014-06-03T17:45:54.946911900Z
3631ca8.1e14: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3641ca8.1e14: ChangeTime: 2014-06-03T18:23:01.087858900Z
3651ca8.1e14: FileAttributes: 0x20
3661ca8.1e14: Size: 0x67c00
3671ca8.1e14: NT Headers: 0xe8
3681ca8.1e14: Timestamp: 0x5315a05a
3691ca8.1e14: Machine: 0x8664 - amd64
3701ca8.1e14: Timestamp: 0x5315a05a
3711ca8.1e14: Image Version: 6.1
3721ca8.1e14: SizeOfImage: 0x6c000 (442368)
3731ca8.1e14: Resource Dir: 0x6a000 LB 0x530
3741ca8.1e14: ProductName: Microsoft® Windows® Operating System
3751ca8.1e14: ProductVersion: 6.1.7601.18409
3761ca8.1e14: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3771ca8.1e14: FileDescription: Windows NT BASE API Client DLL
3781ca8.1e14: \SystemRoot\System32\apisetschema.dll:
3791ca8.1e14: CreationTime: 2013-10-08T15:39:45.507886100Z
3801ca8.1e14: LastWriteTime: 2013-08-02T02:12:20.275000000Z
3811ca8.1e14: ChangeTime: 2013-10-08T15:47:12.448087700Z
3821ca8.1e14: FileAttributes: 0x20
3831ca8.1e14: Size: 0x1a00
3841ca8.1e14: NT Headers: 0xc0
3851ca8.1e14: Timestamp: 0x51fb15ca
3861ca8.1e14: Machine: 0x8664 - amd64
3871ca8.1e14: Timestamp: 0x51fb15ca
3881ca8.1e14: Image Version: 6.1
3891ca8.1e14: SizeOfImage: 0x50000 (327680)
3901ca8.1e14: Resource Dir: 0x30000 LB 0x3f8
3911ca8.1e14: ProductName: Microsoft® Windows® Operating System
3921ca8.1e14: ProductVersion: 6.1.7601.18229
3931ca8.1e14: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3941ca8.1e14: FileDescription: ApiSet Schema DLL
3951ca8.1e14: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3961ca8.1e14: supR3HardenedWinFindAdversaries: 0x0
3971ca8.1e14: Calling main()
3981ca8.1e14: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
3991ca8.1e14: '\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe' has no imports
4001ca8.1e14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Oracle\VirtualBox\VirtualBox.exe)
4011ca8.1e14: SUPR3HardenedMain: Final process, opening VBoxDrv...
4021ca8.1e14: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000270000 LB 0x400000)
4031ca8.1e14: supR3HardNtEnableThreadCreation:
4041ca8.1e14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll)
4051ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll
4061ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=D:\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d3d80:C:\Windows\system32 [calling]
4071ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4081ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefa990000 LB 0x00004000 D:\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4091ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4101ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4111ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=D:\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
4121ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa990000 'D:\Oracle\VirtualBox\VBoxSupLib.DLL'
4131ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4141ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=D:\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
4151ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa990000 'D:\Oracle\VirtualBox\VBoxSupLib.DLL'
4161ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa990000 'D:\Oracle\VirtualBox\VBoxSupLib.DLL'
4171ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4181ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
4191ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4201ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
4211ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\wintrust.dll)
4221ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\wintrust.dll
4231ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4241ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4251ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
4261ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
4271ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4281ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4291ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msasn1.dll)
4301ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msasn1.dll
4311ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4321ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4331ca8.1e14: \Device\HarddiskVolume1\Windows\System32\crypt32.dll: Owner is administrators group.
4341ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4351ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4361ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\crypt32.dll)
4371ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\crypt32.dll
4381ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4391ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4401ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
4411ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
4421ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4431ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4441ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4451ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4461ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4471ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4481ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d3d80:C:\Windows\system32 [calling]
4491ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4501ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefd1d0000 LB 0x0003a000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
4511ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4521ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefec50000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
4531ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4541ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefd050000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
4551ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4561ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefce70000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
4571ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4581ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefe140000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
4591ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4601ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1d0000 'C:\Windows\system32\Wintrust.dll'
4611ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptsp.dll)
4621ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptsp.dll
4631ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
4641ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
4651ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefc690000 LB 0x00017000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
4661ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
4671ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc690000 'C:\Windows\system32\CRYPTSP.dll'
4681ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4691ca8.1e14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rsaenh.dll)
4701ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rsaenh.dll
4711ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4721ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4731ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4741ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
4751ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4761ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefc3d0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
4771ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
4781ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3d0000 'C:\Windows\system32\rsaenh.dll'
4791ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4801ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4811ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
4821ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
4831ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4841ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4851ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4861ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4871ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4881ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4891ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
4901ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4911ca8.1e14: supR3HardenedDllNotificationCallback: load 000007feff130000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
4921ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4931ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
4941ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
4951ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
4961ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
4971ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefebd0000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
4981ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4991ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'C:\Windows\system32\ADVAPI32.dll'
5001ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
5011ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
5021ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5031ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5041ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5051ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5061ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5071ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5081ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5091ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5101ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefcd00000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
5111ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5121ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcd00000 'C:\Windows\system32\CRYPTBASE.dll'
5131ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5141ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5151ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076f80000 'C:\Windows\system32\kernel32.dll'
5161ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5171ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5181ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1d0000 'C:\Windows\system32\WINTRUST.DLL'
5191ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5201ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5211ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd050000 'C:\Windows\system32\CRYPT32.dll'
5221ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5231ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
5241ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imagehlp.dll)
5251ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imagehlp.dll
5261ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
5271ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
5281ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5291ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5301ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5311ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5321ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5331ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5341ca8.1e14: supR3HardenedDllNotificationCallback: load 000007feff320000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
5351ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5361ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff320000 'C:\Windows\system32\imagehlp.dll'
5371ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5381ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5391ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc690000 'C:\Windows\system32\CRYPTSP.dll'
5401ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
5411ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
5421ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
5431ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5441ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5451ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
5461ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
5471ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
5481ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
5491ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
5501ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume1\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
5511ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
5521ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
5531ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
5541ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\lpk.dll)
5551ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\lpk.dll
5561ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5571ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5581ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5591ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
5601ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume1\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
5611ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5621ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
5631ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
5641ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\usp10.dll)
5651ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\usp10.dll
5661ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5671ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5681ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5691ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5701ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5711ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5721ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5731ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5741ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5751ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5761ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5771ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5781ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5791ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5801ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5811ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5821ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5831ca8.1e14: supR3HardenedDllNotificationCallback: load 0000000076e80000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
5841ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5851ca8.1e14: supR3HardenedDllNotificationCallback: load 000007feff340000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
5861ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5871ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefebf0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
5881ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\lpk.dll [lacks WinVerifyTrust]
5891ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefe270000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
5901ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\usp10.dll [lacks WinVerifyTrust]
5911ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5921ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
5931ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff340000 'C:\Windows\system32\gdi32.dll'
5941ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
5951ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
5961ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
5971ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
5981ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
5991ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
6001ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume1\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
6011ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6021ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
6031ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
6041ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
6051ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
6061ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
6071ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6081ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6091ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6101ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6111ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6121ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6131ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
6141ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
6151ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6161ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6171ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
6181ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6191ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6201ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
6211ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
6221ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6231ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6241ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6251ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
6261ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6271ca8.1e14: supR3HardenedDllNotificationCallback: load 000007feff210000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
6281ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6291ca8.1e14: supR3HardenedDllNotificationCallback: load 000007feff020000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
6301ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
6311ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff210000 'C:\Windows\system32\IMM32.DLL'
6321ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076e80000 'C:\Windows\system32\USER32.dll'
6331ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
6341ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
6351ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
6361ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ncrypt.dll)
6371ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ncrypt.dll
6381ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6391ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume1\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
6401ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6411ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6421ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6431ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6441ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6451ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6461ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
6471ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
6481ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
6491ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
6501ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefc7e0000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
6511ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
6521ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6531ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefc870000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
6541ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6551ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc7e0000 'C:\Windows\system32\ncrypt.dll'
6561ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
6571ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
6581ca8.1e14: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
6591ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
6601ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6611ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6621ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6631ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
6641ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
6651ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
6661ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
6671ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6681ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefc330000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
6691ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6701ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc330000 'C:\Windows\system32\bcryptprimitives.dll'
6711ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6721ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
6731ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc870000 'C:\Windows\system32\bcrypt.dll'
6741ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6751ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
6761ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
6771ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
6781ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
6791ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
6801ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
6811ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6821ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
6831ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
6841ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6851ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6861ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6871ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6881ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6891ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6901ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6911ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6921ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6931ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
6941ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
6951ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefce90000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
6961ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
6971ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefce60000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
6981ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
6991ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce90000 'C:\Windows\system32\USERENV.dll'
7001ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7011ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7021ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7031ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7041ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7051ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
7061ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\gpapi.dll)
7071ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gpapi.dll
7081ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7091ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7101ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7111ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7121ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7131ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7141ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7151ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7161ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefc110000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
7171ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7181ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc110000 'C:\Windows\system32\GPAPI.dll'
7191ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7201ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
7211ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7221ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7231ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe140000 'C:\Windows\system32\rpcrt4.dll'
7241ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7251ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
7261ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7271ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7281ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7291ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
7301ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
7311ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
7321ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\cryptnet.dll)
7331ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptnet.dll
7341ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
7351ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume1\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
7361ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7371ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\Wldap32.dll)
7381ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\Wldap32.dll
7391ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7401ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume1\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7411ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7421ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7431ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
7441ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7451ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7461ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7471ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7481ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7491ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7501ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7511ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7521ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7531ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fef8080000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
7541ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7551ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefeb60000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
7561ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
7571ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7581ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7591ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7601ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7611ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7621ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7631ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7641ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7651ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7661ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7671ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7681ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7691ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7701ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7711ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7721ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7731ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7741ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7751ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7761ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7771ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7781ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7791ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7801ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7811ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7821ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7831ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7841ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7851ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7861ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7871ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8080000 'C:\Windows\system32\cryptnet.dll'
7881ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7891ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7901ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
7911ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
7921ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefce60000 'C:\Windows\system32\profapi.dll'
7931ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
7941ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
7951ca8.1e14: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
7961ca8.1e14: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
7971ca8.1e14: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
7981ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7991ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8001ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8011ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8021ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8031ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
8041ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8051ca8.1e14: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8061ca8.1e14: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8071ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8081ca8.1e14: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8091ca8.1e14: supR3HardenedDllNotificationCallback: load 000007fefea40000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
8101ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8111ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefea40000 'C:\Windows\system32\SHLWAPI.dll'
8121ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8131ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8141ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8151ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
8161ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8171ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8181ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8191ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
8201ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8211ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
8221ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8231ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8241ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff130000 'C:\Windows\system32\ADVAPI32.dll'
8251ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8261ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8271ca8.1e14: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000007d4310:D:\Oracle\VirtualBox;.;C:\Windows\system32;C:\Windows\system;C:\Windows;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Wizvera\Delfino;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Java\jdk1.7.0_07\bin; [calling]
8281ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefebd0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8291ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8301ca8.1e14: g_pfnWinVerifyTrust=000007fefd1d1010
8311ca8.1e14: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8321ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume1\Windows\System32\crypt32.dll
8331ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
8341ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8351ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38
8361ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8371ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8381ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8391ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0752B52B3009339E2F25EAE5A58D7AAA80FBDE38
8401ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8411ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8421ca8.1e14: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\crypt32.dll'
8431ca8.1e14: Error (rc=0):
8441ca8.1e14: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume1\Windows\System32\crypt32.dll
8451ca8.1e14: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8461ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume1\Windows\System32\wintrust.dll
8471ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
8481ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8491ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
8501ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8511ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8521ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8531ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=80662AB761CF56CEC7909E5D03289BC65B4457A8
8541ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8551ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8561ca8.1e14: supR3HardenedScreenImage/preload: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\wintrust.dll'
8571ca8.1e14: Error (rc=0):
8581ca8.1e14: supR3HardenedScreenImage/preload: cached rc=Unknown Status -22900 (0xffffa68c) fImage=0 fProtect=0x0 fAccess=0x0 cHits=4 \Device\HarddiskVolume1\Windows\System32\wintrust.dll
8591ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b8 pwszName=\Device\HarddiskVolume1\Windows\System32\shlwapi.dll
8601ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
8611ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8621ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
8631ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8641ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8651ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8661ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
8671ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8681ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8691ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll'
8701ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b0 pwszName=\Device\HarddiskVolume1\Windows\System32\Wldap32.dll
8711ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
8721ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8731ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
8741ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8751ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8761ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8771ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
8781ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8791ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8801ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\Wldap32.dll'
8811ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003ac pwszName=\Device\HarddiskVolume1\Windows\System32\cryptnet.dll
8821ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
8831ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8841ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
8851ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8861ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8871ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8881ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
8891ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
8901ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
8911ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptnet.dll'
8921ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000268 pwszName=\Device\HarddiskVolume1\Windows\System32\gpapi.dll
8931ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
8941ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8951ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
8961ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
8971ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
8981ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
8991ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
9001ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9011ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9021ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gpapi.dll'
9031ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d4 pwszName=\Device\HarddiskVolume1\Windows\System32\profapi.dll
9041ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9051ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9061ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
9071ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9081ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9091ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9101ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
9111ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9121ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9131ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\profapi.dll'
9141ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d0 pwszName=\Device\HarddiskVolume1\Windows\System32\userenv.dll
9151ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9161ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9171ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
9181ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9191ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9201ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9211ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
9221ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9231ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9241ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\userenv.dll'
9251ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll'
9261ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a8 pwszName=\Device\HarddiskVolume1\Windows\System32\bcrypt.dll
9271ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9281ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9291ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
9301ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9311ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9321ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9331ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
9341ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9351ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9361ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll'
9371ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume1\Windows\System32\ncrypt.dll
9381ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9391ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9401ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
9411ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9421ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9431ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9441ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
9451ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9461ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9471ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\ncrypt.dll'
9481ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume1\Windows\System32\msctf.dll
9491ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9501ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9511ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
9521ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9531ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9541ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9551ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
9561ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9571ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9581ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msctf.dll'
9591ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume1\Windows\System32\imm32.dll
9601ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9611ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9621ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
9631ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9641ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9651ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9661ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
9671ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9681ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9691ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imm32.dll'
9701ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume1\Windows\System32\usp10.dll
9711ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9721ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9731ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
9741ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9751ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9761ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9771ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
9781ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9791ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9801ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\usp10.dll'
9811ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume1\Windows\System32\lpk.dll
9821ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9831ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9841ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
9851ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9861ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9871ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9881ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
9891ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
9901ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
9911ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\lpk.dll'
9921ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume1\Windows\System32\gdi32.dll
9931ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
9941ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9951ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
9961ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
9971ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
9981ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
9991ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
10001ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10011ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10021ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\gdi32.dll'
10031ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume1\Windows\System32\user32.dll
10041ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10051ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10061ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
10071ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10081ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10091ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10101ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
10111ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10121ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10131ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\user32.dll'
10141ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume1\Windows\System32\imagehlp.dll
10151ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10161ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10171ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
10181ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10191ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10201ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10211ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
10221ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10231ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10241ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\imagehlp.dll'
10251ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptbase.dll
10261ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10271ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10281ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
10291ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10301ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10311ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10321ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
10331ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10341ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10351ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptbase.dll'
10361ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume1\Windows\System32\sechost.dll
10371ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10381ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10391ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
10401ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10411ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10421ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10431ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
10441ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10451ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10461ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\sechost.dll'
10471ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume1\Windows\System32\advapi32.dll
10481ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10491ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10501ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
10511ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10521ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10531ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10541ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
10551ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10561ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10571ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\advapi32.dll'
10581ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rsaenh.dll'
10591ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume1\Windows\System32\cryptsp.dll
10601ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10611ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10621ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
10631ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10641ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10651ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10661ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=40667EDBA9045D4A4BE1D4844665D3B88F8CD0E0
10671ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10681ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10691ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\cryptsp.dll'
10701ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume1\Windows\System32\msvcrt.dll
10711ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10721ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10731ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
10741ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10751ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10761ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10771ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
10781ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10791ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10801ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll'
10811ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume1\Windows\System32\msasn1.dll
10821ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10831ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10841ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
10851ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10861ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10871ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10881ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
10891ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
10901ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
10911ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\msasn1.dll'
10921ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
10931ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
10941ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10951ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
10961ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
10971ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
10981ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
10991ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
11001ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
11011ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
11021ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll'
11031ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Oracle\VirtualBox\VBoxSupLib.dll'
11041ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume1\Windows\System32\KernelBase.dll
11051ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
11061ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
11071ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
11081ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
11091ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
11101ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
11111ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
11121ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
11131ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
11141ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\KernelBase.dll'
11151ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume1\Windows\System32\kernel32.dll
11161ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008453a0
11171ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
11181ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
11191ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1783; iCat=0x0)
11201ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008453a0
11211ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008453a0
11221ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
11231ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERRROR_NOT_FOUND (1783)
11241ca8.1e14: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
11251ca8.1e14: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume1\Windows\System32\kernel32.dll'
11261ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume1\Windows\System32\crypt32.dll
11271ca8.1e14: Error (rc=0):
11281ca8.1e14: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume1\Windows\System32\crypt32.dll
11291ca8.1e14: Error (rc=0):
11301ca8.1e14: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\crypt32.dll' (C:\Windows\system32\crypt32.dll): rcNt=0xc0000190
11311ca8.1e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\crypt32.dll'
11321ca8.1e14: Fatal error:
11331ca8.1e14: Error loading 'crypt32.dll': 1790 [C:\Windows\system32\crypt32.dll]
1134b98.2398: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 267 ms, the end);
11351fac.22c0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 618 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy