VirtualBox

Ticket #13761: VBoxStartup.log

File VBoxStartup.log, 502.0 KB (added by Algold, 10 years ago)
Line 
114b4.21c0: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
214b4.21c0: \SystemRoot\System32\ntdll.dll:
314b4.21c0: CreationTime: 2013-10-10T13:10:30.954030400Z
414b4.21c0: LastWriteTime: 2013-08-29T02:16:35.515578900Z
514b4.21c0: ChangeTime: 2013-10-11T11:40:18.437316400Z
614b4.21c0: FileAttributes: 0x20
714b4.21c0: Size: 0x1a6dc0
814b4.21c0: NT Headers: 0xe0
914b4.21c0: Timestamp: 0x521eaf24
1014b4.21c0: Machine: 0x8664 - amd64
1114b4.21c0: Timestamp: 0x521eaf24
1214b4.21c0: Image Version: 6.1
1314b4.21c0: SizeOfImage: 0x1a9000 (1740800)
1414b4.21c0: Resource Dir: 0x151000 LB 0x560d8
1514b4.21c0: ProductName: Microsoft® Windows® Operating System
1614b4.21c0: ProductVersion: 6.1.7601.18247
1714b4.21c0: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
1814b4.21c0: FileDescription: NT Layer DLL
1914b4.21c0: \SystemRoot\System32\kernel32.dll:
2014b4.21c0: CreationTime: 2014-04-09T08:02:43.422902700Z
2114b4.21c0: LastWriteTime: 2014-03-04T09:44:00.336000000Z
2214b4.21c0: ChangeTime: 2014-04-10T07:45:57.703732700Z
2314b4.21c0: FileAttributes: 0x20
2414b4.21c0: Size: 0x11c000
2514b4.21c0: NT Headers: 0xe8
2614b4.21c0: Timestamp: 0x5315a059
2714b4.21c0: Machine: 0x8664 - amd64
2814b4.21c0: Timestamp: 0x5315a059
2914b4.21c0: Image Version: 6.1
3014b4.21c0: SizeOfImage: 0x11f000 (1175552)
3114b4.21c0: Resource Dir: 0x116000 LB 0x528
3214b4.21c0: ProductName: Microsoft® Windows® Operating System
3314b4.21c0: ProductVersion: 6.1.7601.18409
3414b4.21c0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3514b4.21c0: FileDescription: Windows NT BASE API Client DLL
3614b4.21c0: \SystemRoot\System32\KernelBase.dll:
3714b4.21c0: CreationTime: 2014-05-15T07:45:40.778797300Z
3814b4.21c0: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3914b4.21c0: ChangeTime: 2014-05-20T07:42:34.975227200Z
4014b4.21c0: FileAttributes: 0x20
4114b4.21c0: Size: 0x67c00
4214b4.21c0: NT Headers: 0xe8
4314b4.21c0: Timestamp: 0x5315a05a
4414b4.21c0: Machine: 0x8664 - amd64
4514b4.21c0: Timestamp: 0x5315a05a
4614b4.21c0: Image Version: 6.1
4714b4.21c0: SizeOfImage: 0x6c000 (442368)
4814b4.21c0: Resource Dir: 0x6a000 LB 0x530
4914b4.21c0: ProductName: Microsoft® Windows® Operating System
5014b4.21c0: ProductVersion: 6.1.7601.18409
5114b4.21c0: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
5214b4.21c0: FileDescription: Windows NT BASE API Client DLL
5314b4.21c0: \SystemRoot\System32\apisetschema.dll:
5414b4.21c0: CreationTime: 2013-09-12T22:19:53.160436700Z
5514b4.21c0: LastWriteTime: 2013-08-02T02:12:20.275000000Z
5614b4.21c0: ChangeTime: 2013-09-13T02:26:33.490890500Z
5714b4.21c0: FileAttributes: 0x20
5814b4.21c0: Size: 0x1a00
5914b4.21c0: NT Headers: 0xc0
6014b4.21c0: Timestamp: 0x51fb15ca
6114b4.21c0: Machine: 0x8664 - amd64
6214b4.21c0: Timestamp: 0x51fb15ca
6314b4.21c0: Image Version: 6.1
6414b4.21c0: SizeOfImage: 0x50000 (327680)
6514b4.21c0: Resource Dir: 0x30000 LB 0x3f8
6614b4.21c0: ProductName: Microsoft® Windows® Operating System
6714b4.21c0: ProductVersion: 6.1.7601.18229
6814b4.21c0: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
6914b4.21c0: FileDescription: ApiSet Schema DLL
7014b4.21c0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7114b4.21c0: supR3HardenedWinFindAdversaries: 0x100
7214b4.21c0: \SystemRoot\System32\drivers\avgrkx64.sys:
7314b4.21c0: CreationTime: 2013-10-23T01:05:08.000000000Z
7414b4.21c0: LastWriteTime: 2013-10-23T01:05:08.000000000Z
7514b4.21c0: ChangeTime: 2013-12-15T14:54:23.066334000Z
7614b4.21c0: FileAttributes: 0x20
7714b4.21c0: Size: 0xb338
7814b4.21c0: NT Headers: 0xd8
7914b4.21c0: Timestamp: 0x5267006a
8014b4.21c0: Machine: 0x8664 - amd64
8114b4.21c0: Timestamp: 0x5267006a
8214b4.21c0: Image Version: 6.1
8314b4.21c0: SizeOfImage: 0xd000 (53248)
8414b4.21c0: Resource Dir: 0xc000 LB 0x4c0
8514b4.21c0: ProductName: AVG Internet Security
8614b4.21c0: ProductVersion: 13.0.0.3450
8714b4.21c0: FileVersion: 13.0.0.3450
8814b4.21c0: SpecialBuild: AvgVC10_2013_1022_230739(3450), SVNRev b4d4546 (release/SmallUpdate2013-06)
8914b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
9014b4.21c0: FileDescription: AVG Anti-Rootkit Driver
9114b4.21c0: \SystemRoot\System32\drivers\avgmfx64.sys:
9214b4.21c0: CreationTime: 2013-07-01T00:45:28.000000000Z
9314b4.21c0: LastWriteTime: 2013-07-01T00:45:28.000000000Z
9414b4.21c0: ChangeTime: 2013-09-20T07:51:18.407812200Z
9514b4.21c0: FileAttributes: 0x20
9614b4.21c0: Size: 0x1c738
9714b4.21c0: NT Headers: 0xd0
9814b4.21c0: Timestamp: 0x51d0bf1d
9914b4.21c0: Machine: 0x8664 - amd64
10014b4.21c0: Timestamp: 0x51d0bf1d
10114b4.21c0: Image Version: 6.1
10214b4.21c0: SizeOfImage: 0x1f000 (126976)
10314b4.21c0: Resource Dir: 0x1d000 LB 0x4d8
10414b4.21c0: ProductName: AVG Internet Security
10514b4.21c0: ProductVersion: 13.0.0.3382
10614b4.21c0: FileVersion: 13.0.0.3382
10714b4.21c0: SpecialBuild: AvgVC10_2013_0630_235517(3382), SVNRev 698e045 (release/SmallUpdate2013-05)
10814b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
10914b4.21c0: FileDescription: AVG Resident Shield Minifilter Driver
11014b4.21c0: \SystemRoot\System32\drivers\avgidsdrivera.sys:
11114b4.21c0: CreationTime: 2013-11-25T01:48:36.000000000Z
11214b4.21c0: LastWriteTime: 2013-11-25T01:48:36.000000000Z
11314b4.21c0: ChangeTime: 2013-12-15T14:54:23.440355400Z
11414b4.21c0: FileAttributes: 0x20
11514b4.21c0: Size: 0x3c138
11614b4.21c0: NT Headers: 0xd8
11714b4.21c0: Timestamp: 0x52929a87
11814b4.21c0: Machine: 0x8664 - amd64
11914b4.21c0: Timestamp: 0x52929a87
12014b4.21c0: Image Version: 6.1
12114b4.21c0: SizeOfImage: 0x43000 (274432)
12214b4.21c0: Resource Dir: 0x41000 LB 0x598
12314b4.21c0: ProductName: AVG Internet Security
12414b4.21c0: ProductVersion: 13.0.0.3458
12514b4.21c0: FileVersion: 13.0.0.3458
12614b4.21c0: SpecialBuild: AvgVC10_2013_1124_235635(3458), SVNRev ad13232 (release/SmallUpdate2013-06)
12714b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
12814b4.21c0: FileDescription: IDS Application Activity Monitor Driver.
12914b4.21c0: \SystemRoot\System32\drivers\avgidsha.sys:
13014b4.21c0: CreationTime: 2013-07-20T00:50:56.000000000Z
13114b4.21c0: LastWriteTime: 2013-07-20T00:50:56.000000000Z
13214b4.21c0: ChangeTime: 2013-09-20T07:51:19.216915000Z
13314b4.21c0: FileAttributes: 0x20
13414b4.21c0: Size: 0x11738
13514b4.21c0: NT Headers: 0xd8
13614b4.21c0: Timestamp: 0x51e9cccc
13714b4.21c0: Machine: 0x8664 - amd64
13814b4.21c0: Timestamp: 0x51e9cccc
13914b4.21c0: Image Version: 6.1
14014b4.21c0: SizeOfImage: 0x15000 (86016)
14114b4.21c0: Resource Dir: 0x13000 LB 0x5a8
14214b4.21c0: ProductName: AVG Internet Security
14314b4.21c0: ProductVersion: 13.0.0.3388
14414b4.21c0: FileVersion: 13.0.0.3388
14514b4.21c0: SpecialBuild: AvgVC10_2013_0719_235840(3388), SVNRev b6c9856 (release/SmallUpdate2013-05)
14614b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
14714b4.21c0: FileDescription: IDS Application Activity Monitor Helper Driver.
14814b4.21c0: \SystemRoot\System32\drivers\avgtdia.sys:
14914b4.21c0: CreationTime: 2014-10-17T15:34:46.000000000Z
15014b4.21c0: LastWriteTime: 2014-10-17T15:34:46.000000000Z
15114b4.21c0: ChangeTime: 2014-11-21T13:49:00.937407700Z
15214b4.21c0: FileAttributes: 0x20
15314b4.21c0: Size: 0x3ad38
15414b4.21c0: NT Headers: 0xd8
15514b4.21c0: Timestamp: 0x544118f4
15614b4.21c0: Machine: 0x8664 - amd64
15714b4.21c0: Timestamp: 0x544118f4
15814b4.21c0: Image Version: 6.1
15914b4.21c0: SizeOfImage: 0x3f000 (258048)
16014b4.21c0: Resource Dir: 0x3d000 LB 0x508
16114b4.21c0: ProductName: AVG Internet Security
16214b4.21c0: ProductVersion: 13.0.0.3491
16314b4.21c0: FileVersion: 13.0.0.3491
16414b4.21c0: SpecialBuild: AvgVC10_2014_1017_135430(3491), SVNRev 904609031cc94b28fb1bdcace39081348987c40d (release/HotFix2013-18)
16514b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
16614b4.21c0: FileDescription: AVG Network connection watcher
16714b4.21c0: \SystemRoot\System32\drivers\avgloga.sys:
16814b4.21c0: CreationTime: 2013-07-20T00:51:00.000000000Z
16914b4.21c0: LastWriteTime: 2013-07-20T00:51:00.000000000Z
17014b4.21c0: ChangeTime: 2013-09-20T07:51:15.768477100Z
17114b4.21c0: FileAttributes: 0x20
17214b4.21c0: Size: 0x4c138
17314b4.21c0: NT Headers: 0xd0
17414b4.21c0: Timestamp: 0x51e9ccbc
17514b4.21c0: Machine: 0x8664 - amd64
17614b4.21c0: Timestamp: 0x51e9ccbc
17714b4.21c0: Image Version: 6.1
17814b4.21c0: SizeOfImage: 0x4e000 (319488)
17914b4.21c0: Resource Dir: 0x4c000 LB 0x4b0
18014b4.21c0: ProductName: AVG Internet Security
18114b4.21c0: ProductVersion: 13.0.0.3388
18214b4.21c0: FileVersion: 13.0.0.3388
18314b4.21c0: SpecialBuild: AvgVC10_2013_0719_235840(3388), SVNRev b6c9856 (release/SmallUpdate2013-05)
18414b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
18514b4.21c0: FileDescription: AVG Logging Driver
18614b4.21c0: \SystemRoot\System32\drivers\avgldx64.sys:
18714b4.21c0: CreationTime: 2014-11-04T00:30:04.000000000Z
18814b4.21c0: LastWriteTime: 2014-11-04T00:30:04.000000000Z
18914b4.21c0: ChangeTime: 2014-11-21T13:48:58.654277100Z
19014b4.21c0: FileAttributes: 0x20
19114b4.21c0: Size: 0x33338
19214b4.21c0: NT Headers: 0xd0
19314b4.21c0: Timestamp: 0x54580cb7
19414b4.21c0: Machine: 0x8664 - amd64
19514b4.21c0: Timestamp: 0x54580cb7
19614b4.21c0: Image Version: 6.1
19714b4.21c0: SizeOfImage: 0x37000 (225280)
19814b4.21c0: Resource Dir: 0x35000 LB 0x4f8
19914b4.21c0: ProductName: AVG Internet Security
20014b4.21c0: ProductVersion: 13.0.0.3494
20114b4.21c0: FileVersion: 13.0.0.3494
20214b4.21c0: SpecialBuild: AvgVC10_2014_1103_224628(3494), SVNRev 5014554899867ee5e408d33bd7ebe12631b8062d (release/HotFix2013-18)
20314b4.21c0: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
20414b4.21c0: FileDescription: AVG AVI Loader Driver
20514b4.21c0: Calling main()
20614b4.21c0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
20714b4.21c0: SUPR3HardenedMain: Respawn #1
20814b4.21c0: System32: \Device\HarddiskVolume3\Windows\System32
20914b4.21c0: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
21014b4.21c0: KnownDllPath: C:\Windows\system32
21114b4.21c0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
21214b4.21c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
21314b4.21c0: supR3HardNtEnableThreadCreation:
21414b4.21c0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077a9c340 pvNtTerminateThread=0000000077ac17e0
21514b4.21c0: supR3HardenedWinDoReSpawn(1): New child 1b5c.17e8 [kernel32].
21614b4.21c0: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdc000 cbPeb=0x380
21714b4.21c0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077a70000 uNtDllChildAddr=0000000077a70000
21814b4.21c0: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077a9c340
21914b4.21c0: supR3HardenedWinSetupChildInit: Start child.
22014b4.21c0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 255 ms.
22114b4.21c0: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 65 sleeps
22214b4.21c0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
22314b4.21c0: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
22414b4.21c0: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
22514b4.21c0: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
22614b4.21c0: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
22714b4.21c0: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
22814b4.21c0: 0000000000041000-fffffffffff81fff 0x0001/0x0000 0x0000000
22914b4.21c0: *0000000000100000-0000000000003fff 0x0000/0x0004 0x0020000
23014b4.21c0: 00000000001fc000-00000000001f8fff 0x0104/0x0004 0x0020000
23114b4.21c0: 00000000001ff000-00000000001fdfff 0x0004/0x0004 0x0020000
23214b4.21c0: 0000000000200000-ffffffff8898ffff 0x0001/0x0000 0x0000000
23314b4.21c0: *0000000077a70000-0000000077a6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23414b4.21c0: 0000000077a71000-000000007796efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23514b4.21c0: 0000000077b73000-0000000077b43fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23614b4.21c0: 0000000077ba2000-0000000077b99fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23714b4.21c0: 0000000077baa000-0000000077ba8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23814b4.21c0: 0000000077bab000-0000000077ba7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23914b4.21c0: 0000000077bae000-0000000077b42fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
24014b4.21c0: 0000000077c19000-0000000070851fff 0x0001/0x0000 0x0000000
24114b4.21c0: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
24214b4.21c0: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
24314b4.21c0: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
24414b4.21c0: 000000007fff0000-ffffffffc0d3ffff 0x0001/0x0000 0x0000000
24514b4.21c0: *000000013f2a0000-000000013f29efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
24614b4.21c0: 000000013f2a1000-000000013f21cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
24714b4.21c0: 000000013f325000-000000013f323fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
24814b4.21c0: 000000013f326000-000000013f2e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
24914b4.21c0: 000000013f363000-000000013f361fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25014b4.21c0: 000000013f364000-000000013f362fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25114b4.21c0: 000000013f365000-000000013f362fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25214b4.21c0: 000000013f367000-000000013f365fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25314b4.21c0: 000000013f368000-000000013f366fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25414b4.21c0: 000000013f369000-000000013f364fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25514b4.21c0: 000000013f36d000-000000013f333fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
25614b4.21c0: 000000013f3a6000-fffff8037e9bbfff 0x0001/0x0000 0x0000000
25714b4.21c0: *000007feffd90000-000007feffd8efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
25814b4.21c0: 000007feffd91000-000007fdffb71fff 0x0001/0x0000 0x0000000
25914b4.21c0: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
26014b4.21c0: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
26114b4.21c0: *000007fffffdc000-000007fffffdafff 0x0004/0x0004 0x0020000
26214b4.21c0: 000007fffffdd000-000007fffffdbfff 0x0001/0x0000 0x0000000
26314b4.21c0: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
26414b4.21c0: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
26514b4.21c0: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
26614b4.21c0: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
26714b4.21c0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
26814b4.21c0: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
26914b4.21c0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
27014b4.21c0: supR3HardNtChildPurify: Done after 542 ms and 0 fixes (loop #0).
27114b4.21c0: supR3HardNtEnableThreadCreation:
2721b5c.17e8: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
2731b5c.17e8: supR3HardenedVmProcessInit: uNtDllAddr=0000000077a70000
2741b5c.17e8: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
2751b5c.17e8: New simple heap: #1 0000000000300000 LB 0x400000 (for 1740800 allocation)
2761b5c.17e8: System32: \Device\HarddiskVolume3\Windows\System32
2771b5c.17e8: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
2781b5c.17e8: KnownDllPath: C:\Windows\system32
2791b5c.17e8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2801b5c.17e8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2811b5c.17e8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2821b5c.17e8: Registered Dll notification callback with NTDLL.
2831b5c.17e8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
2841b5c.17e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2851b5c.17e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2861b5c.17e8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2871b5c.17e8: supR3HardenedDllNotificationCallback: load 0000000077950000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
2881b5c.17e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2891b5c.17e8: supR3HardenedDllNotificationCallback: load 000007fefcd90000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
2901b5c.17e8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
2911b5c.17e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2921b5c.17e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'C:\Windows\system32\kernel32.dll'
2931b5c.17e8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077a9c340 pvNtTerminateThread=0000000077ac17e0
29414b4.21c0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 26 ms.
2951b5c.17e8: \SystemRoot\System32\ntdll.dll:
2961b5c.17e8: CreationTime: 2013-10-10T13:10:30.954030400Z
2971b5c.17e8: LastWriteTime: 2013-08-29T02:16:35.515578900Z
2981b5c.17e8: ChangeTime: 2013-10-11T11:40:18.437316400Z
2991b5c.17e8: FileAttributes: 0x20
3001b5c.17e8: Size: 0x1a6dc0
3011b5c.17e8: NT Headers: 0xe0
3021b5c.17e8: Timestamp: 0x521eaf24
3031b5c.17e8: Machine: 0x8664 - amd64
3041b5c.17e8: Timestamp: 0x521eaf24
3051b5c.17e8: Image Version: 6.1
3061b5c.17e8: SizeOfImage: 0x1a9000 (1740800)
3071b5c.17e8: Resource Dir: 0x151000 LB 0x560d8
3081b5c.17e8: ProductName: Microsoft® Windows® Operating System
3091b5c.17e8: ProductVersion: 6.1.7601.18247
3101b5c.17e8: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
3111b5c.17e8: FileDescription: NT Layer DLL
3121b5c.17e8: \SystemRoot\System32\kernel32.dll:
3131b5c.17e8: CreationTime: 2014-04-09T08:02:43.422902700Z
3141b5c.17e8: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3151b5c.17e8: ChangeTime: 2014-04-10T07:45:57.703732700Z
3161b5c.17e8: FileAttributes: 0x20
3171b5c.17e8: Size: 0x11c000
3181b5c.17e8: NT Headers: 0xe8
3191b5c.17e8: Timestamp: 0x5315a059
3201b5c.17e8: Machine: 0x8664 - amd64
3211b5c.17e8: Timestamp: 0x5315a059
3221b5c.17e8: Image Version: 6.1
3231b5c.17e8: SizeOfImage: 0x11f000 (1175552)
3241b5c.17e8: Resource Dir: 0x116000 LB 0x528
3251b5c.17e8: ProductName: Microsoft® Windows® Operating System
3261b5c.17e8: ProductVersion: 6.1.7601.18409
3271b5c.17e8: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3281b5c.17e8: FileDescription: Windows NT BASE API Client DLL
3291b5c.17e8: \SystemRoot\System32\KernelBase.dll:
3301b5c.17e8: CreationTime: 2014-05-15T07:45:40.778797300Z
3311b5c.17e8: LastWriteTime: 2014-03-04T09:44:00.336000000Z
3321b5c.17e8: ChangeTime: 2014-05-20T07:42:34.975227200Z
3331b5c.17e8: FileAttributes: 0x20
3341b5c.17e8: Size: 0x67c00
3351b5c.17e8: NT Headers: 0xe8
3361b5c.17e8: Timestamp: 0x5315a05a
3371b5c.17e8: Machine: 0x8664 - amd64
3381b5c.17e8: Timestamp: 0x5315a05a
3391b5c.17e8: Image Version: 6.1
3401b5c.17e8: SizeOfImage: 0x6c000 (442368)
3411b5c.17e8: Resource Dir: 0x6a000 LB 0x530
3421b5c.17e8: ProductName: Microsoft® Windows® Operating System
3431b5c.17e8: ProductVersion: 6.1.7601.18409
3441b5c.17e8: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
3451b5c.17e8: FileDescription: Windows NT BASE API Client DLL
3461b5c.17e8: \SystemRoot\System32\apisetschema.dll:
3471b5c.17e8: CreationTime: 2013-09-12T22:19:53.160436700Z
3481b5c.17e8: LastWriteTime: 2013-08-02T02:12:20.275000000Z
3491b5c.17e8: ChangeTime: 2013-09-13T02:26:33.490890500Z
3501b5c.17e8: FileAttributes: 0x20
3511b5c.17e8: Size: 0x1a00
3521b5c.17e8: NT Headers: 0xc0
3531b5c.17e8: Timestamp: 0x51fb15ca
3541b5c.17e8: Machine: 0x8664 - amd64
3551b5c.17e8: Timestamp: 0x51fb15ca
3561b5c.17e8: Image Version: 6.1
3571b5c.17e8: SizeOfImage: 0x50000 (327680)
3581b5c.17e8: Resource Dir: 0x30000 LB 0x3f8
3591b5c.17e8: ProductName: Microsoft® Windows® Operating System
3601b5c.17e8: ProductVersion: 6.1.7601.18229
3611b5c.17e8: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
3621b5c.17e8: FileDescription: ApiSet Schema DLL
3631b5c.17e8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3641b5c.17e8: supR3HardenedWinFindAdversaries: 0x100
3651b5c.17e8: \SystemRoot\System32\drivers\avgrkx64.sys:
3661b5c.17e8: CreationTime: 2013-10-23T01:05:08.000000000Z
3671b5c.17e8: LastWriteTime: 2013-10-23T01:05:08.000000000Z
3681b5c.17e8: ChangeTime: 2013-12-15T14:54:23.066334000Z
3691b5c.17e8: FileAttributes: 0x20
3701b5c.17e8: Size: 0xb338
3711b5c.17e8: NT Headers: 0xd8
3721b5c.17e8: Timestamp: 0x5267006a
3731b5c.17e8: Machine: 0x8664 - amd64
3741b5c.17e8: Timestamp: 0x5267006a
3751b5c.17e8: Image Version: 6.1
3761b5c.17e8: SizeOfImage: 0xd000 (53248)
3771b5c.17e8: Resource Dir: 0xc000 LB 0x4c0
3781b5c.17e8: ProductName: AVG Internet Security
3791b5c.17e8: ProductVersion: 13.0.0.3450
3801b5c.17e8: FileVersion: 13.0.0.3450
3811b5c.17e8: SpecialBuild: AvgVC10_2013_1022_230739(3450), SVNRev b4d4546 (release/SmallUpdate2013-06)
3821b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
3831b5c.17e8: FileDescription: AVG Anti-Rootkit Driver
3841b5c.17e8: \SystemRoot\System32\drivers\avgmfx64.sys:
3851b5c.17e8: CreationTime: 2013-07-01T00:45:28.000000000Z
3861b5c.17e8: LastWriteTime: 2013-07-01T00:45:28.000000000Z
3871b5c.17e8: ChangeTime: 2013-09-20T07:51:18.407812200Z
3881b5c.17e8: FileAttributes: 0x20
3891b5c.17e8: Size: 0x1c738
3901b5c.17e8: NT Headers: 0xd0
3911b5c.17e8: Timestamp: 0x51d0bf1d
3921b5c.17e8: Machine: 0x8664 - amd64
3931b5c.17e8: Timestamp: 0x51d0bf1d
3941b5c.17e8: Image Version: 6.1
3951b5c.17e8: SizeOfImage: 0x1f000 (126976)
3961b5c.17e8: Resource Dir: 0x1d000 LB 0x4d8
3971b5c.17e8: ProductName: AVG Internet Security
3981b5c.17e8: ProductVersion: 13.0.0.3382
3991b5c.17e8: FileVersion: 13.0.0.3382
4001b5c.17e8: SpecialBuild: AvgVC10_2013_0630_235517(3382), SVNRev 698e045 (release/SmallUpdate2013-05)
4011b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
4021b5c.17e8: FileDescription: AVG Resident Shield Minifilter Driver
4031b5c.17e8: \SystemRoot\System32\drivers\avgidsdrivera.sys:
4041b5c.17e8: CreationTime: 2013-11-25T01:48:36.000000000Z
4051b5c.17e8: LastWriteTime: 2013-11-25T01:48:36.000000000Z
4061b5c.17e8: ChangeTime: 2013-12-15T14:54:23.440355400Z
4071b5c.17e8: FileAttributes: 0x20
4081b5c.17e8: Size: 0x3c138
4091b5c.17e8: NT Headers: 0xd8
4101b5c.17e8: Timestamp: 0x52929a87
4111b5c.17e8: Machine: 0x8664 - amd64
4121b5c.17e8: Timestamp: 0x52929a87
4131b5c.17e8: Image Version: 6.1
4141b5c.17e8: SizeOfImage: 0x43000 (274432)
4151b5c.17e8: Resource Dir: 0x41000 LB 0x598
4161b5c.17e8: ProductName: AVG Internet Security
4171b5c.17e8: ProductVersion: 13.0.0.3458
4181b5c.17e8: FileVersion: 13.0.0.3458
4191b5c.17e8: SpecialBuild: AvgVC10_2013_1124_235635(3458), SVNRev ad13232 (release/SmallUpdate2013-06)
4201b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
4211b5c.17e8: FileDescription: IDS Application Activity Monitor Driver.
4221b5c.17e8: \SystemRoot\System32\drivers\avgidsha.sys:
4231b5c.17e8: CreationTime: 2013-07-20T00:50:56.000000000Z
4241b5c.17e8: LastWriteTime: 2013-07-20T00:50:56.000000000Z
4251b5c.17e8: ChangeTime: 2013-09-20T07:51:19.216915000Z
4261b5c.17e8: FileAttributes: 0x20
4271b5c.17e8: Size: 0x11738
4281b5c.17e8: NT Headers: 0xd8
4291b5c.17e8: Timestamp: 0x51e9cccc
4301b5c.17e8: Machine: 0x8664 - amd64
4311b5c.17e8: Timestamp: 0x51e9cccc
4321b5c.17e8: Image Version: 6.1
4331b5c.17e8: SizeOfImage: 0x15000 (86016)
4341b5c.17e8: Resource Dir: 0x13000 LB 0x5a8
4351b5c.17e8: ProductName: AVG Internet Security
4361b5c.17e8: ProductVersion: 13.0.0.3388
4371b5c.17e8: FileVersion: 13.0.0.3388
4381b5c.17e8: SpecialBuild: AvgVC10_2013_0719_235840(3388), SVNRev b6c9856 (release/SmallUpdate2013-05)
4391b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
4401b5c.17e8: FileDescription: IDS Application Activity Monitor Helper Driver.
4411b5c.17e8: \SystemRoot\System32\drivers\avgtdia.sys:
4421b5c.17e8: CreationTime: 2014-10-17T15:34:46.000000000Z
4431b5c.17e8: LastWriteTime: 2014-10-17T15:34:46.000000000Z
4441b5c.17e8: ChangeTime: 2014-11-21T13:49:00.937407700Z
4451b5c.17e8: FileAttributes: 0x20
4461b5c.17e8: Size: 0x3ad38
4471b5c.17e8: NT Headers: 0xd8
4481b5c.17e8: Timestamp: 0x544118f4
4491b5c.17e8: Machine: 0x8664 - amd64
4501b5c.17e8: Timestamp: 0x544118f4
4511b5c.17e8: Image Version: 6.1
4521b5c.17e8: SizeOfImage: 0x3f000 (258048)
4531b5c.17e8: Resource Dir: 0x3d000 LB 0x508
4541b5c.17e8: ProductName: AVG Internet Security
4551b5c.17e8: ProductVersion: 13.0.0.3491
4561b5c.17e8: FileVersion: 13.0.0.3491
4571b5c.17e8: SpecialBuild: AvgVC10_2014_1017_135430(3491), SVNRev 904609031cc94b28fb1bdcace39081348987c40d (release/HotFix2013-18)
4581b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
4591b5c.17e8: FileDescription: AVG Network connection watcher
4601b5c.17e8: \SystemRoot\System32\drivers\avgloga.sys:
4611b5c.17e8: CreationTime: 2013-07-20T00:51:00.000000000Z
4621b5c.17e8: LastWriteTime: 2013-07-20T00:51:00.000000000Z
4631b5c.17e8: ChangeTime: 2013-09-20T07:51:15.768477100Z
4641b5c.17e8: FileAttributes: 0x20
4651b5c.17e8: Size: 0x4c138
4661b5c.17e8: NT Headers: 0xd0
4671b5c.17e8: Timestamp: 0x51e9ccbc
4681b5c.17e8: Machine: 0x8664 - amd64
4691b5c.17e8: Timestamp: 0x51e9ccbc
4701b5c.17e8: Image Version: 6.1
4711b5c.17e8: SizeOfImage: 0x4e000 (319488)
4721b5c.17e8: Resource Dir: 0x4c000 LB 0x4b0
4731b5c.17e8: ProductName: AVG Internet Security
4741b5c.17e8: ProductVersion: 13.0.0.3388
4751b5c.17e8: FileVersion: 13.0.0.3388
4761b5c.17e8: SpecialBuild: AvgVC10_2013_0719_235840(3388), SVNRev b6c9856 (release/SmallUpdate2013-05)
4771b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
4781b5c.17e8: FileDescription: AVG Logging Driver
4791b5c.17e8: \SystemRoot\System32\drivers\avgldx64.sys:
4801b5c.17e8: CreationTime: 2014-11-04T00:30:04.000000000Z
4811b5c.17e8: LastWriteTime: 2014-11-04T00:30:04.000000000Z
4821b5c.17e8: ChangeTime: 2014-11-21T13:48:58.654277100Z
4831b5c.17e8: FileAttributes: 0x20
4841b5c.17e8: Size: 0x33338
4851b5c.17e8: NT Headers: 0xd0
4861b5c.17e8: Timestamp: 0x54580cb7
4871b5c.17e8: Machine: 0x8664 - amd64
4881b5c.17e8: Timestamp: 0x54580cb7
4891b5c.17e8: Image Version: 6.1
4901b5c.17e8: SizeOfImage: 0x37000 (225280)
4911b5c.17e8: Resource Dir: 0x35000 LB 0x4f8
4921b5c.17e8: ProductName: AVG Internet Security
4931b5c.17e8: ProductVersion: 13.0.0.3494
4941b5c.17e8: FileVersion: 13.0.0.3494
4951b5c.17e8: SpecialBuild: AvgVC10_2014_1103_224628(3494), SVNRev 5014554899867ee5e408d33bd7ebe12631b8062d (release/HotFix2013-18)
4961b5c.17e8: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
4971b5c.17e8: FileDescription: AVG AVI Loader Driver
4981b5c.17e8: Calling main()
4991b5c.17e8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
5001b5c.17e8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5011b5c.17e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
5021b5c.17e8: SUPR3HardenedMain: Respawn #2
5031b5c.17e8: supR3HardNtEnableThreadCreation:
5041b5c.17e8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)
5051b5c.17e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
5061b5c.17e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
5071b5c.17e8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
5081b5c.17e8: supR3HardenedDllNotificationCallback: load 000007fefc850000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
5091b5c.17e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
5101b5c.17e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc850000 'C:\Windows\system32\apphelp.dll'
5111b5c.17e8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077a9c340 pvNtTerminateThread=0000000077ac17e0
5121b5c.17e8: supR3HardenedWinDoReSpawn(2): New child 1008.2274 [kernel32].
5131b5c.17e8: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd8000 cbPeb=0x380
5141b5c.17e8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077a70000 uNtDllChildAddr=0000000077a70000
5151b5c.17e8: supR3HardenedWinSetupChildInit: uLdrInitThunk=0000000077a9c340
5161b5c.17e8: supR3HardenedWinSetupChildInit: Start child.
5171b5c.17e8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 255 ms.
5181b5c.17e8: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 64 sleeps
5191b5c.17e8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
5201b5c.17e8: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
5211b5c.17e8: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
5221b5c.17e8: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
5231b5c.17e8: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
5241b5c.17e8: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
5251b5c.17e8: 0000000000041000-fffffffffff61fff 0x0001/0x0000 0x0000000
5261b5c.17e8: *0000000000120000-0000000000023fff 0x0000/0x0004 0x0020000
5271b5c.17e8: 000000000021c000-0000000000218fff 0x0104/0x0004 0x0020000
5281b5c.17e8: 000000000021f000-000000000021dfff 0x0004/0x0004 0x0020000
5291b5c.17e8: 0000000000220000-ffffffff889cffff 0x0001/0x0000 0x0000000
5301b5c.17e8: *0000000077a70000-0000000077a6efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5311b5c.17e8: 0000000077a71000-000000007796efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5321b5c.17e8: 0000000077b73000-0000000077b43fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5331b5c.17e8: 0000000077ba2000-0000000077b99fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5341b5c.17e8: 0000000077baa000-0000000077ba8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5351b5c.17e8: 0000000077bab000-0000000077ba7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5361b5c.17e8: 0000000077bae000-0000000077b42fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
5371b5c.17e8: 0000000077c19000-0000000070851fff 0x0001/0x0000 0x0000000
5381b5c.17e8: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
5391b5c.17e8: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
5401b5c.17e8: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
5411b5c.17e8: 000000007fff0000-ffffffffc0d3ffff 0x0001/0x0000 0x0000000
5421b5c.17e8: *000000013f2a0000-000000013f29efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5431b5c.17e8: 000000013f2a1000-000000013f21cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5441b5c.17e8: 000000013f325000-000000013f323fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5451b5c.17e8: 000000013f326000-000000013f2e8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5461b5c.17e8: 000000013f363000-000000013f361fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5471b5c.17e8: 000000013f364000-000000013f362fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5481b5c.17e8: 000000013f365000-000000013f362fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5491b5c.17e8: 000000013f367000-000000013f365fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5501b5c.17e8: 000000013f368000-000000013f366fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5511b5c.17e8: 000000013f369000-000000013f364fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5521b5c.17e8: 000000013f36d000-000000013f333fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe
5531b5c.17e8: 000000013f3a6000-fffff8037e9bbfff 0x0001/0x0000 0x0000000
5541b5c.17e8: *000007feffd90000-000007feffd8efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
5551b5c.17e8: 000007feffd91000-000007fdffb71fff 0x0001/0x0000 0x0000000
5561b5c.17e8: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
5571b5c.17e8: 000007fffffd3000-000007fffffcdfff 0x0001/0x0000 0x0000000
5581b5c.17e8: *000007fffffd8000-000007fffffd6fff 0x0004/0x0004 0x0020000
5591b5c.17e8: 000007fffffd9000-000007fffffd3fff 0x0001/0x0000 0x0000000
5601b5c.17e8: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
5611b5c.17e8: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
5621b5c.17e8: apisetschema.dll: timestamp 0x51fb15ca (rc=VINF_SUCCESS)
5631b5c.17e8: VirtualBox.exe: timestamp 0x54731167 (rc=VINF_SUCCESS)
5641b5c.17e8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5651b5c.17e8: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
5661b5c.17e8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
5671b5c.17e8: supR3HardNtChildPurify: Done after 534 ms and 0 fixes (loop #0).
5681b5c.17e8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000300000 LB 0x400000)
5691b5c.17e8: supR3HardNtEnableThreadCreation:
5701008.2274: Log file opened: 4.3.20r96997 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
5711008.2274: supR3HardenedVmProcessInit: uNtDllAddr=0000000077a70000
5721008.2274: ntdll.dll: timestamp 0x521eaf24 (rc=VINF_SUCCESS)
5731008.2274: New simple heap: #1 0000000000320000 LB 0x400000 (for 1740800 allocation)
5741008.2274: System32: \Device\HarddiskVolume3\Windows\System32
5751008.2274: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
5761008.2274: KnownDllPath: C:\Windows\system32
5771008.2274: supR3HardenedVmProcessInit: Opening vboxdrv...
5781008.2274: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
5791008.2274: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
5801008.2274: Registered Dll notification callback with NTDLL.
5811008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
5821008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
5831008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
5841008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5851008.2274: supR3HardenedDllNotificationCallback: load 0000000077950000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
5861008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5871008.2274: supR3HardenedDllNotificationCallback: load 000007fefcd90000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
5881008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
5891008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
5901008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'C:\Windows\system32\kernel32.dll'
5911008.2274: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000077a9c340 pvNtTerminateThread=0000000077ac17e0
5921b5c.17e8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 33 ms.
5931008.2274: \SystemRoot\System32\ntdll.dll:
5941008.2274: CreationTime: 2013-10-10T13:10:30.954030400Z
5951008.2274: LastWriteTime: 2013-08-29T02:16:35.515578900Z
5961008.2274: ChangeTime: 2013-10-11T11:40:18.437316400Z
5971008.2274: FileAttributes: 0x20
5981008.2274: Size: 0x1a6dc0
5991008.2274: NT Headers: 0xe0
6001008.2274: Timestamp: 0x521eaf24
6011008.2274: Machine: 0x8664 - amd64
6021008.2274: Timestamp: 0x521eaf24
6031008.2274: Image Version: 6.1
6041008.2274: SizeOfImage: 0x1a9000 (1740800)
6051008.2274: Resource Dir: 0x151000 LB 0x560d8
6061008.2274: ProductName: Microsoft® Windows® Operating System
6071008.2274: ProductVersion: 6.1.7601.18247
6081008.2274: FileVersion: 6.1.7601.18247 (win7sp1_gdr.130828-1532)
6091008.2274: FileDescription: NT Layer DLL
6101008.2274: \SystemRoot\System32\kernel32.dll:
6111008.2274: CreationTime: 2014-04-09T08:02:43.422902700Z
6121008.2274: LastWriteTime: 2014-03-04T09:44:00.336000000Z
6131008.2274: ChangeTime: 2014-04-10T07:45:57.703732700Z
6141008.2274: FileAttributes: 0x20
6151008.2274: Size: 0x11c000
6161008.2274: NT Headers: 0xe8
6171008.2274: Timestamp: 0x5315a059
6181008.2274: Machine: 0x8664 - amd64
6191008.2274: Timestamp: 0x5315a059
6201008.2274: Image Version: 6.1
6211008.2274: SizeOfImage: 0x11f000 (1175552)
6221008.2274: Resource Dir: 0x116000 LB 0x528
6231008.2274: ProductName: Microsoft® Windows® Operating System
6241008.2274: ProductVersion: 6.1.7601.18409
6251008.2274: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
6261008.2274: FileDescription: Windows NT BASE API Client DLL
6271008.2274: \SystemRoot\System32\KernelBase.dll:
6281008.2274: CreationTime: 2014-05-15T07:45:40.778797300Z
6291008.2274: LastWriteTime: 2014-03-04T09:44:00.336000000Z
6301008.2274: ChangeTime: 2014-05-20T07:42:34.975227200Z
6311008.2274: FileAttributes: 0x20
6321008.2274: Size: 0x67c00
6331008.2274: NT Headers: 0xe8
6341008.2274: Timestamp: 0x5315a05a
6351008.2274: Machine: 0x8664 - amd64
6361008.2274: Timestamp: 0x5315a05a
6371008.2274: Image Version: 6.1
6381008.2274: SizeOfImage: 0x6c000 (442368)
6391008.2274: Resource Dir: 0x6a000 LB 0x530
6401008.2274: ProductName: Microsoft® Windows® Operating System
6411008.2274: ProductVersion: 6.1.7601.18409
6421008.2274: FileVersion: 6.1.7601.18409 (win7sp1_gdr.140303-2144)
6431008.2274: FileDescription: Windows NT BASE API Client DLL
6441008.2274: \SystemRoot\System32\apisetschema.dll:
6451008.2274: CreationTime: 2013-09-12T22:19:53.160436700Z
6461008.2274: LastWriteTime: 2013-08-02T02:12:20.275000000Z
6471008.2274: ChangeTime: 2013-09-13T02:26:33.490890500Z
6481008.2274: FileAttributes: 0x20
6491008.2274: Size: 0x1a00
6501008.2274: NT Headers: 0xc0
6511008.2274: Timestamp: 0x51fb15ca
6521008.2274: Machine: 0x8664 - amd64
6531008.2274: Timestamp: 0x51fb15ca
6541008.2274: Image Version: 6.1
6551008.2274: SizeOfImage: 0x50000 (327680)
6561008.2274: Resource Dir: 0x30000 LB 0x3f8
6571008.2274: ProductName: Microsoft® Windows® Operating System
6581008.2274: ProductVersion: 6.1.7601.18229
6591008.2274: FileVersion: 6.1.7601.18229 (win7sp1_gdr.130801-1533)
6601008.2274: FileDescription: ApiSet Schema DLL
6611008.2274: NtOpenDirectoryObject failed on \Driver: 0xc0000022
6621008.2274: supR3HardenedWinFindAdversaries: 0x100
6631008.2274: \SystemRoot\System32\drivers\avgrkx64.sys:
6641008.2274: CreationTime: 2013-10-23T01:05:08.000000000Z
6651008.2274: LastWriteTime: 2013-10-23T01:05:08.000000000Z
6661008.2274: ChangeTime: 2013-12-15T14:54:23.066334000Z
6671008.2274: FileAttributes: 0x20
6681008.2274: Size: 0xb338
6691008.2274: NT Headers: 0xd8
6701008.2274: Timestamp: 0x5267006a
6711008.2274: Machine: 0x8664 - amd64
6721008.2274: Timestamp: 0x5267006a
6731008.2274: Image Version: 6.1
6741008.2274: SizeOfImage: 0xd000 (53248)
6751008.2274: Resource Dir: 0xc000 LB 0x4c0
6761008.2274: ProductName: AVG Internet Security
6771008.2274: ProductVersion: 13.0.0.3450
6781008.2274: FileVersion: 13.0.0.3450
6791008.2274: SpecialBuild: AvgVC10_2013_1022_230739(3450), SVNRev b4d4546 (release/SmallUpdate2013-06)
6801008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
6811008.2274: FileDescription: AVG Anti-Rootkit Driver
6821008.2274: \SystemRoot\System32\drivers\avgmfx64.sys:
6831008.2274: CreationTime: 2013-07-01T00:45:28.000000000Z
6841008.2274: LastWriteTime: 2013-07-01T00:45:28.000000000Z
6851008.2274: ChangeTime: 2013-09-20T07:51:18.407812200Z
6861008.2274: FileAttributes: 0x20
6871008.2274: Size: 0x1c738
6881008.2274: NT Headers: 0xd0
6891008.2274: Timestamp: 0x51d0bf1d
6901008.2274: Machine: 0x8664 - amd64
6911008.2274: Timestamp: 0x51d0bf1d
6921008.2274: Image Version: 6.1
6931008.2274: SizeOfImage: 0x1f000 (126976)
6941008.2274: Resource Dir: 0x1d000 LB 0x4d8
6951008.2274: ProductName: AVG Internet Security
6961008.2274: ProductVersion: 13.0.0.3382
6971008.2274: FileVersion: 13.0.0.3382
6981008.2274: SpecialBuild: AvgVC10_2013_0630_235517(3382), SVNRev 698e045 (release/SmallUpdate2013-05)
6991008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
7001008.2274: FileDescription: AVG Resident Shield Minifilter Driver
7011008.2274: \SystemRoot\System32\drivers\avgidsdrivera.sys:
7021008.2274: CreationTime: 2013-11-25T01:48:36.000000000Z
7031008.2274: LastWriteTime: 2013-11-25T01:48:36.000000000Z
7041008.2274: ChangeTime: 2013-12-15T14:54:23.440355400Z
7051008.2274: FileAttributes: 0x20
7061008.2274: Size: 0x3c138
7071008.2274: NT Headers: 0xd8
7081008.2274: Timestamp: 0x52929a87
7091008.2274: Machine: 0x8664 - amd64
7101008.2274: Timestamp: 0x52929a87
7111008.2274: Image Version: 6.1
7121008.2274: SizeOfImage: 0x43000 (274432)
7131008.2274: Resource Dir: 0x41000 LB 0x598
7141008.2274: ProductName: AVG Internet Security
7151008.2274: ProductVersion: 13.0.0.3458
7161008.2274: FileVersion: 13.0.0.3458
7171008.2274: SpecialBuild: AvgVC10_2013_1124_235635(3458), SVNRev ad13232 (release/SmallUpdate2013-06)
7181008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
7191008.2274: FileDescription: IDS Application Activity Monitor Driver.
7201008.2274: \SystemRoot\System32\drivers\avgidsha.sys:
7211008.2274: CreationTime: 2013-07-20T00:50:56.000000000Z
7221008.2274: LastWriteTime: 2013-07-20T00:50:56.000000000Z
7231008.2274: ChangeTime: 2013-09-20T07:51:19.216915000Z
7241008.2274: FileAttributes: 0x20
7251008.2274: Size: 0x11738
7261008.2274: NT Headers: 0xd8
7271008.2274: Timestamp: 0x51e9cccc
7281008.2274: Machine: 0x8664 - amd64
7291008.2274: Timestamp: 0x51e9cccc
7301008.2274: Image Version: 6.1
7311008.2274: SizeOfImage: 0x15000 (86016)
7321008.2274: Resource Dir: 0x13000 LB 0x5a8
7331008.2274: ProductName: AVG Internet Security
7341008.2274: ProductVersion: 13.0.0.3388
7351008.2274: FileVersion: 13.0.0.3388
7361008.2274: SpecialBuild: AvgVC10_2013_0719_235840(3388), SVNRev b6c9856 (release/SmallUpdate2013-05)
7371008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wlh
7381008.2274: FileDescription: IDS Application Activity Monitor Helper Driver.
7391008.2274: \SystemRoot\System32\drivers\avgtdia.sys:
7401008.2274: CreationTime: 2014-10-17T15:34:46.000000000Z
7411008.2274: LastWriteTime: 2014-10-17T15:34:46.000000000Z
7421008.2274: ChangeTime: 2014-11-21T13:49:00.937407700Z
7431008.2274: FileAttributes: 0x20
7441008.2274: Size: 0x3ad38
7451008.2274: NT Headers: 0xd8
7461008.2274: Timestamp: 0x544118f4
7471008.2274: Machine: 0x8664 - amd64
7481008.2274: Timestamp: 0x544118f4
7491008.2274: Image Version: 6.1
7501008.2274: SizeOfImage: 0x3f000 (258048)
7511008.2274: Resource Dir: 0x3d000 LB 0x508
7521008.2274: ProductName: AVG Internet Security
7531008.2274: ProductVersion: 13.0.0.3491
7541008.2274: FileVersion: 13.0.0.3491
7551008.2274: SpecialBuild: AvgVC10_2014_1017_135430(3491), SVNRev 904609031cc94b28fb1bdcace39081348987c40d (release/HotFix2013-18)
7561008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
7571008.2274: FileDescription: AVG Network connection watcher
7581008.2274: \SystemRoot\System32\drivers\avgloga.sys:
7591008.2274: CreationTime: 2013-07-20T00:51:00.000000000Z
7601008.2274: LastWriteTime: 2013-07-20T00:51:00.000000000Z
7611008.2274: ChangeTime: 2013-09-20T07:51:15.768477100Z
7621008.2274: FileAttributes: 0x20
7631008.2274: Size: 0x4c138
7641008.2274: NT Headers: 0xd0
7651008.2274: Timestamp: 0x51e9ccbc
7661008.2274: Machine: 0x8664 - amd64
7671008.2274: Timestamp: 0x51e9ccbc
7681008.2274: Image Version: 6.1
7691008.2274: SizeOfImage: 0x4e000 (319488)
7701008.2274: Resource Dir: 0x4c000 LB 0x4b0
7711008.2274: ProductName: AVG Internet Security
7721008.2274: ProductVersion: 13.0.0.3388
7731008.2274: FileVersion: 13.0.0.3388
7741008.2274: SpecialBuild: AvgVC10_2013_0719_235840(3388), SVNRev b6c9856 (release/SmallUpdate2013-05)
7751008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
7761008.2274: FileDescription: AVG Logging Driver
7771008.2274: \SystemRoot\System32\drivers\avgldx64.sys:
7781008.2274: CreationTime: 2014-11-04T00:30:04.000000000Z
7791008.2274: LastWriteTime: 2014-11-04T00:30:04.000000000Z
7801008.2274: ChangeTime: 2014-11-21T13:48:58.654277100Z
7811008.2274: FileAttributes: 0x20
7821008.2274: Size: 0x33338
7831008.2274: NT Headers: 0xd0
7841008.2274: Timestamp: 0x54580cb7
7851008.2274: Machine: 0x8664 - amd64
7861008.2274: Timestamp: 0x54580cb7
7871008.2274: Image Version: 6.1
7881008.2274: SizeOfImage: 0x37000 (225280)
7891008.2274: Resource Dir: 0x35000 LB 0x4f8
7901008.2274: ProductName: AVG Internet Security
7911008.2274: ProductVersion: 13.0.0.3494
7921008.2274: FileVersion: 13.0.0.3494
7931008.2274: SpecialBuild: AvgVC10_2014_1103_224628(3494), SVNRev 5014554899867ee5e408d33bd7ebe12631b8062d (release/HotFix2013-18)
7941008.2274: PrivateBuild: x64 Release_Unicode_DRIVER_wnet
7951008.2274: FileDescription: AVG AVI Loader Driver
7961008.2274: Calling main()
7971008.2274: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7981008.2274: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
7991008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
8001008.2274: SUPR3HardenedMain: Final process, opening VBoxDrv...
8011008.2274: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000320000 LB 0x400000)
8021008.2274: supR3HardNtEnableThreadCreation:
8031008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
8041008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
8051008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000805d50:C:\Windows\system32 [calling]
8061008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
8071008.2274: supR3HardenedDllNotificationCallback: load 000007fef2230000 LB 0x00004000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
8081008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
8091008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
8101008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
8111008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2230000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
8121008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
8131008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
8141008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2230000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
8151008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2230000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
8161008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8171008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
8181008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
8191008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
8201008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
8211008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
8221008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8231008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8241008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
8251008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
8261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
8271008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
8281008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
8291008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
8301008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
8311008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
8321008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8331008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
8341008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
8351008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
8361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8371008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8381008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
8391008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
8401008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
8411008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
8421008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
8431008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8441008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8451008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8461008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000805d50:C:\Windows\system32 [calling]
8471008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8481008.2274: supR3HardenedDllNotificationCallback: load 000007fefcba0000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
8491008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8501008.2274: supR3HardenedDllNotificationCallback: load 000007fefe2e0000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
8511008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8521008.2274: supR3HardenedDllNotificationCallback: load 000007fefcbe0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
8531008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8541008.2274: supR3HardenedDllNotificationCallback: load 000007fefca60000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
8551008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
8561008.2274: supR3HardenedDllNotificationCallback: load 000007fefe380000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
8571008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8581008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcba0000 'C:\Windows\system32\Wintrust.dll'
8591008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
8601008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
8611008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
8621008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
8631008.2274: supR3HardenedDllNotificationCallback: load 000007fefc250000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
8641008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
8651008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc250000 'C:\Windows\system32\CRYPTSP.dll'
8661008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8671008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
8681008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
8691008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8701008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8711008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8721008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
8731008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8741008.2274: supR3HardenedDllNotificationCallback: load 000007fefbf20000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
8751008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8761008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf20000 'C:\Windows\system32\rsaenh.dll'
8771008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8781008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
8791008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
8801008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
8811008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8821008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8831008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8841008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8851008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8861008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8871008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
8881008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8891008.2274: supR3HardenedDllNotificationCallback: load 000007fefedd0000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
8901008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8911008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
8921008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
8931008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
8941008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
8951008.2274: supR3HardenedDllNotificationCallback: load 000007fefecd0000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
8961008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
8971008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\ADVAPI32.dll'
8981008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
8991008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
9001008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9011008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9021008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
9031008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9041008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9051008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9061008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9071008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
9081008.2274: supR3HardenedDllNotificationCallback: load 000007fefc8b0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
9091008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
9101008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8b0000 'C:\Windows\system32\CRYPTBASE.dll'
9111008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
9121008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9131008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'C:\Windows\system32\kernel32.dll'
9141008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
9151008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9161008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcba0000 'C:\Windows\system32\WINTRUST.DLL'
9171008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
9181008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9191008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbe0000 'C:\Windows\system32\CRYPT32.dll'
9201008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9211008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
9221008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
9231008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
9241008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9251008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
9261008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9271008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9281008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9291008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9301008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9311008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
9321008.2274: supR3HardenedDllNotificationCallback: load 000007fefeeb0000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
9331008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
9341008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeeb0000 'C:\Windows\system32\imagehlp.dll'
9351008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
9361008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9371008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc250000 'C:\Windows\system32\CRYPTSP.dll'
9381008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
9391008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
9401008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
9411008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9421008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9431008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
9441008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
9451008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
9461008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
9471008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
9481008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume3\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
9491008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
9501008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
9511008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
9521008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\lpk.dll)
9531008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\lpk.dll
9541008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9551008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9561008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
9571008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
9581008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume3\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
9591008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9601008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
9611008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
9621008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\usp10.dll)
9631008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\usp10.dll
9641008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9651008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9661008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
9671008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9681008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9691008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9701008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9721008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9731008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9751008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
9761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9781008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9791008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9801008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
9811008.2274: supR3HardenedDllNotificationCallback: load 0000000077850000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
9821008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
9831008.2274: supR3HardenedDllNotificationCallback: load 000007fefe260000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
9841008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9851008.2274: supR3HardenedDllNotificationCallback: load 000007fefe2d0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
9861008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\lpk.dll [lacks WinVerifyTrust]
9871008.2274: supR3HardenedDllNotificationCallback: load 000007fefeed0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
9881008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\usp10.dll [lacks WinVerifyTrust]
9891008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9901008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
9911008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
9921008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
9931008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
9941008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
9951008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
9961008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
9971008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
9981008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
9991008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10001008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
10011008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
10021008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
10031008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
10041008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
10051008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10061008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10071008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10081008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10091008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10101008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10111008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
10121008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
10131008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
10141008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10151008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10161008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10171008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10181008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10191008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10201008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10211008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10221008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10231008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
10241008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
10251008.2274: supR3HardenedDllNotificationCallback: load 000007fefec00000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
10261008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
10271008.2274: supR3HardenedDllNotificationCallback: load 000007fefe8e0000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
10281008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust]
10291008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec00000 'C:\Windows\system32\IMM32.DLL'
10301008.2274: \Device\HarddiskVolume3\Windows\System32\nvinitx.dll: Owner is administrators group.
10311008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
10321008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
10331008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nvinitx.dll)
10341008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nvinitx.dll
10351008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10371008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
10381008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10391008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10401008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10411008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvinitx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
10421008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
10431008.2274: supR3HardenedDllNotificationCallback: load 000007fefc980000 LB 0x00040000 C:\Windows\system32\nvinitx.dll [fFlags=0x0]
10441008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nvinitx.dll [lacks WinVerifyTrust]
10451008.2274: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll: Owner is administrators group.
10461008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll)
10471008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll
10481008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
10491008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
10501008.2274: supR3HardenedDllNotificationCallback: load 000000000f000000 LB 0x00006000 C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll [fFlags=0x0]
10511008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
10521008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000000000f000000 'C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll'
10531008.2274: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll: Owner is administrators group.
10541008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'detoured.dll'.
10551008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
10561008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
10571008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
10581008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll)
10591008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll
10601008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
10611008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
10621008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
10631008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
10641008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
10651008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
10661008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
10671008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
10681008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
10691008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll)
10701008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
10711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10721008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10731008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10761008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'detoured.dll'...
10781008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'detoured.dll' -> '\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll' [rcNtRedir=0xc0150008]
10791008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
10801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
10811008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
10821008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10831008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
10841008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
10851008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
10861008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
10871008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
10881008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
10891008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10901008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
10911008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
10921008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
10931008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll)
10941008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
10951008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10961008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10971008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
10981008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10991008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11001008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11011008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11021008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11031008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11041008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11051008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11061008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11071008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
11081008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
11091008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11101008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
11111008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
11121008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
11131008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
11141008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11151008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11161008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
11171008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11181008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11191008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11201008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11211008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11221008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11231008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11241008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11251008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11271008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11281008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
11291008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11301008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11311008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11321008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11331008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11341008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11351008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
11361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
11371008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11381008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
11391008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
11401008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
11411008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ole32.dll)
11421008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
11431008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
11441008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
11451008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
11461008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11471008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11481008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11491008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11501008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11511008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11521008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11531008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11541008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
11551008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11561008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11571008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11581008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11591008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11601008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11611008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
11621008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll [lacks WinVerifyTrust]
11631008.2274: supR3HardenedDllNotificationCallback: load 000007fef92a0000 LB 0x00054000 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll [fFlags=0x0]
11641008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll [lacks WinVerifyTrust]
11651008.2274: supR3HardenedDllNotificationCallback: load 000007fefe700000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
11661008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
11671008.2274: supR3HardenedDllNotificationCallback: load 000007fefcb50000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
11681008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
11691008.2274: supR3HardenedDllNotificationCallback: load 000007fefe130000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
11701008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
11711008.2274: supR3HardenedDllNotificationCallback: load 000007fefe9f0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
11721008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
11731008.2274: supR3HardenedDllNotificationCallback: load 000007fefca70000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
11741008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
11751008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
11761008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
11771008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92a0000 'C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll'
11781008.2274: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll: Owner is administrators group.
11791008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'detoured.dll'.
11801008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11811008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
11821008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
11831008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll)
11841008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll
11851008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
11861008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
11871008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll [lacks WinVerifyTrust]
11881008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11891008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11901008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11911008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11921008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11931008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
11941008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'detoured.dll'...
11951008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'detoured.dll' -> '\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll' [rcNtRedir=0xc0150008]
11961008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll [lacks WinVerifyTrust]
11971008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
11981008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll [lacks WinVerifyTrust]
11991008.2274: supR3HardenedDllNotificationCallback: load 000007fef91f0000 LB 0x00043000 C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll [fFlags=0x0]
12001008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll [lacks WinVerifyTrust]
12011008.2274: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvd3d9wrapx.dll': 0 (NtPath=\??\C:\Windows\system32\nvd3d9wrapx.dll; Input=nvd3d9wrapx.dll)
12021008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\nvd3d9wrapx.dll (Input=nvd3d9wrapx.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12031008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\nvd3d9wrapx.dll'
12041008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef91f0000 'C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll'
12051008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc980000 'C:\Windows\system32\nvinitx.dll'
12061008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077850000 'C:\Windows\system32\USER32.dll'
12071008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
12081008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
12091008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
12101008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ncrypt.dll)
12111008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ncrypt.dll
12121008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
12131008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
12141008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
12151008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12161008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12171008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
12181008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
12191008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
12201008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
12211008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
12221008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12231008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
12241008.2274: supR3HardenedDllNotificationCallback: load 000007fefc3d0000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
12251008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
12261008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
12271008.2274: supR3HardenedDllNotificationCallback: load 000007fefc3a0000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
12281008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
12291008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3d0000 'C:\Windows\system32\ncrypt.dll'
12301008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
12311008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
12321008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
12331008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
12341008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
12351008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
12361008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
12371008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12381008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12391008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12401008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12411008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
12421008.2274: supR3HardenedDllNotificationCallback: load 000007fefbe10000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
12431008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
12441008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbe10000 'C:\Windows\system32\bcryptprimitives.dll'
12451008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
12461008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12471008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc3a0000 'C:\Windows\system32\bcrypt.dll'
12481008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12491008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
12501008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
12511008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\userenv.dll)
12521008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
12531008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
12541008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
12551008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12561008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
12571008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
12581008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12591008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12601008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12611008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12621008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12631008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
12641008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12651008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12661008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
12671008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12681008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [lacks WinVerifyTrust]
12691008.2274: supR3HardenedDllNotificationCallback: load 0000000000320000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
12701008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [lacks WinVerifyTrust]
12711008.2274: supR3HardenedDllNotificationCallback: load 000007fefca50000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
12721008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
12731008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000000320000 'C:\Windows\system32\USERENV.dll'
12741008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12751008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
12761008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12771008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
12781008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12791008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
12801008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
12811008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
12821008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12831008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12841008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12851008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12861008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12871008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
12881008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12891008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
12901008.2274: supR3HardenedDllNotificationCallback: load 000007fefbc70000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
12911008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
12921008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbc70000 'C:\Windows\system32\GPAPI.dll'
12931008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12941008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
12951008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12961008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe380000 'C:\Windows\system32\rpcrt4.dll'
12971008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
12981008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
12991008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13001008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
13011008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13021008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
13031008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
13041008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
13051008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
13061008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
13071008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
13081008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
13091008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13101008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\Wldap32.dll)
13111008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Wldap32.dll
13121008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
13131008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
13141008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
13151008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13161008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13171008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
13181008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13191008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13201008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
13211008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13221008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13231008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
13241008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13251008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13261008.2274: supR3HardenedDllNotificationCallback: load 000007fef7990000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
13271008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13281008.2274: supR3HardenedDllNotificationCallback: load 000007fefecf0000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
13291008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
13301008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13311008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13321008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13331008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13341008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13351008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13361008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13371008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13381008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13391008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13401008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13411008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13421008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13431008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13441008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13451008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13461008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13471008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13481008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13491008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13501008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13511008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13521008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13531008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13541008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13551008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13561008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13571008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13581008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13591008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
13601008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
13611008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13621008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
13631008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
13641008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13651008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca50000 'C:\Windows\system32\profapi.dll'
13661008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
13671008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
13681008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
13691008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
13701008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
13711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13721008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13731008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
13741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13761008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13781008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13791008.2274: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13801008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13811008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
13821008.2274: supR3HardenedDllNotificationCallback: load 000007fefed50000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
13831008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
13841008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed50000 'C:\Windows\system32\SHLWAPI.dll'
13851008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
13861008.2274: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000008bbd70
13871008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
13881008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
13891008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13901008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
13911008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13921008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
13931008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13941008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
13951008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
13961008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13971008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\ADVAPI32.dll'
13981008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
13991008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
14001008.2274: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
14011008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
14021008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
14031008.2274: g_pfnWinVerifyTrust=000007fefcba1010
14041008.2274: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
14051008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume3\Windows\System32\crypt32.dll
14061008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14071008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14081008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E4581771CBFFF32DF331EF17B5C5FD7E1F614302
14091008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_136_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
14101008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14111008.2274: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
14121008.2274: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
14131008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume3\Windows\System32\wintrust.dll
14141008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14151008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14161008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=108407301192217C74BC9FE609CA642A66DBE98B
14171008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_91_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
14181008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14191008.2274: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
14201008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000420 pwszName=\Device\HarddiskVolume3\Windows\System32\shlwapi.dll
14211008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14221008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14231008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
14241008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
14251008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14261008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
14271008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000418 pwszName=\Device\HarddiskVolume3\Windows\System32\Wldap32.dll
14281008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14291008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14301008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
14311008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
14321008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14331008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
14341008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000414 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
14351008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14361008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14371008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C1C670A9871F2BD448B2F0FA6127AC7A486B8D8F
14381008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_91_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
14391008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14401008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
14411008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000002d0 pwszName=\Device\HarddiskVolume3\Windows\System32\gpapi.dll
14421008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14431008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14441008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
14451008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
14461008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14471008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
14481008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000023c pwszName=\Device\HarddiskVolume3\Windows\System32\profapi.dll
14491008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14501008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14511008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
14521008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\profapi.dll'
14531008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14541008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
14551008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000238 pwszName=\Device\HarddiskVolume3\Windows\System32\userenv.dll
14561008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14571008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14581008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
14591008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\userenv.dll'
14601008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14611008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll'
14621008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
14631008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000210 pwszName=\Device\HarddiskVolume3\Windows\System32\bcrypt.dll
14641008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14651008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14661008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
14671008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
14681008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14691008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
14701008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000020c pwszName=\Device\HarddiskVolume3\Windows\System32\ncrypt.dll
14711008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14721008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14731008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D68DA0EBD4E0AA6C401CF7C54CEA904099DD3933
14741008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB2992611~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\ncrypt.dll'
14751008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14761008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ncrypt.dll'
14771008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000208 pwszName=\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll
14781008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14791008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14801008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=779E27C553C7BBCA68DFB38531DD596CDE8E03BB
14811008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem162.CAT'; file='\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll'
14821008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14831008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll'
14841008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume3\Windows\System32\ole32.dll
14851008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14861008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14871008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
14881008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\ole32.dll'
14891008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14901008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ole32.dll'
14911008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
14921008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
14931008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
14941008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
14951008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
14961008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14971008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
14981008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume3\Windows\System32\oleaut32.dll
14991008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15001008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15011008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=59C9A3379D97CB80EFB9D9152AF4E0240DDF8B29
15021008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3006226~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
15031008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15041008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
15051008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001bc pwszName=\Device\HarddiskVolume3\Windows\System32\devobj.dll
15061008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15071008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15081008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
15091008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\devobj.dll'
15101008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15111008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\devobj.dll'
15121008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b8 pwszName=\Device\HarddiskVolume3\Windows\System32\setupapi.dll
15131008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15141008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15151008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
15161008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\setupapi.dll'
15171008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15181008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\setupapi.dll'
15191008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b4 pwszName=\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll
15201008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15211008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15221008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=21D64ABE2D92E506501441B9C82F401FBD59AB6F
15231008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem162.CAT'; file='\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll'
15241008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15251008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll'
15261008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001b0 pwszName=\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll
15271008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15281008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15291008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0F8698A026E11A08C881A657EBEF003ACEB45DEC
15301008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem162.CAT'; file='\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll'
15311008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15321008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll'
15331008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nvinitx.dll'
15341008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume3\Windows\System32\msctf.dll
15351008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15361008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15371008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
15381008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\msctf.dll'
15391008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15401008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
15411008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume3\Windows\System32\imm32.dll
15421008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15431008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15441008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
15451008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\imm32.dll'
15461008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15471008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
15481008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume3\Windows\System32\usp10.dll
15491008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15501008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15511008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
15521008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\usp10.dll'
15531008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15541008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\usp10.dll'
15551008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume3\Windows\System32\lpk.dll
15561008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15571008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15581008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FCA4D678614C8615E6E5C082BF3A4562FCF14EB
15591008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\lpk.dll'
15601008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15611008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\lpk.dll'
15621008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume3\Windows\System32\gdi32.dll
15631008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15641008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15651008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
15661008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2993651~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
15671008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15681008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
15691008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume3\Windows\System32\user32.dll
15701008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15711008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15721008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
15731008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\user32.dll'
15741008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15751008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
15761008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume3\Windows\System32\imagehlp.dll
15771008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15781008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15791008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
15801008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
15811008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15821008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
15831008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptbase.dll
15841008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15851008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15861008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
15871008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
15881008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15891008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
15901008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume3\Windows\System32\sechost.dll
15911008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15921008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
15931008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
15941008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\sechost.dll'
15951008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15961008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
15971008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume3\Windows\System32\advapi32.dll
15981008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
15991008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16001008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
16011008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
16021008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16031008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
16041008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
16051008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptsp.dll
16061008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
16071008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16081008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FE601E1BC89E11CA16D1CA31315BC348EFAF0C74
16091008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_91_for_KB2949927~31bf3856ad364e35~amd64~~6.1.1.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
16101008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16111008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
16121008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume3\Windows\System32\msvcrt.dll
16131008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
16141008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16151008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
16161008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
16171008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16181008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
16191008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume3\Windows\System32\msasn1.dll
16201008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
16211008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16221008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
16231008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
16241008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16251008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
16261008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
16271008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
16281008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16291008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
16301008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2978668~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
16311008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16321008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
16331008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
16341008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume3\Windows\System32\KernelBase.dll
16351008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
16361008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16371008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=57EB6F834C5A5D9585A660D91756134028A3B089
16381008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB2871997~31bf3856ad364e35~amd64~~6.1.2.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
16391008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16401008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
16411008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume3\Windows\System32\kernel32.dll
16421008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
16431008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
16441008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
16451008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB2871997~31bf3856ad364e35~amd64~~6.1.2.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
16461008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16471008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
16481008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
16491008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf2450:C:\Windows\system32 [calling]
16501008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbe0000 'C:\Windows\system32\crypt32.dll'
16511008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x19acf31cfef4e900 CN=localhost, O=Skype Click to Call, OU=Skype Click to Call
16521008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
16531008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
16541008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
16551008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
16561008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
16571008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
16581008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
16591008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
16601008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
16611008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
16621008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
16631008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
16641008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
16651008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
16661008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xff3891b54348328 C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
16671008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
16681008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
16691008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
16701008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
16711008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
16721008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
16731008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x6b1d5e81c965198 L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
16741008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
16751008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
16761008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
16771008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
16781008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
16791008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
16801008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
16811008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
16821008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
16831008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x9259c8abe5ca713a L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com/, Email=info@valicert.com
16841008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
16851008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
16861008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
16871008.2274: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
16881008.2274: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=37
16891008.2274: SUPR3HardenedMain: Load Runtime...
16901008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
16911008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
16921008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
16931008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
16941008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
16951008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
16961008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16971008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16981008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
16991008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
17001008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e4 pwszName=\Device\HarddiskVolume3\Windows\System32\ws2_32.dll
17011008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
17021008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
17031008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
17041008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
17051008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17061008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17071008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
17081008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
17091008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll)WinVerifyTrust
17101008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
17111008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17121008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17131008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
17141008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
17151008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
17161008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17171008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17181008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
17191008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17201008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17211008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17221008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17231008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
17241008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
17251008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000488 pwszName=\Device\HarddiskVolume3\Windows\System32\nsi.dll
17261008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
17271008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
17281008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
17291008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\nsi.dll'
17301008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17311008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)WinVerifyTrust
17321008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
17331008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17341008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17351008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17371008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
17381008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17391008.2274: supR3HardenedDllNotificationCallback: load 000007feec640000 LB 0x00531000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
17401008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17411008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17421008.2274: supR3HardenedDllNotificationCallback: load 0000000054d00000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
17431008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17441008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
17451008.2274: supR3HardenedDllNotificationCallback: load 00000000677b0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
17461008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
17471008.2274: supR3HardenedDllNotificationCallback: load 000007fefe210000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
17481008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
17491008.2274: supR3HardenedDllNotificationCallback: load 000007fefd020000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
17501008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
17511008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17521008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17531008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17541008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17551008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17561008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17571008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17581008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17591008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17601008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17611008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17621008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17631008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17641008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17651008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17661008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17671008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17681008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17691008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17701008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17711008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17721008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17731008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17741008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17751008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17761008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17771008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17781008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17791008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17801008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17811008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17821008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17831008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17841008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17851008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17861008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17871008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17881008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17891008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17901008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17911008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17921008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17931008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17941008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
17951008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000806d80:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\bin\;C:\Program Files (x86)\NVIDIA GPU Computing Toolkit\CUDA\v5.0\libnvvp\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\Program Files (x86)\CMake 2.8\bin;C:\Program Files (x86)\Bitvise SSH Client;C:\Users\wireWAX\Libraries\Qt\4.7.1\bin;C:\Users\wireWAX\Libraries\irrlicht-1.7.3\bin\Win32-VisualStudio;C:\Program Files\MATLAB\R2012b\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\PrimeSense\NITE\bin64;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files (x86)\OpenNI\Bin;C:\Program Files (x86)\PrimeSense\NITE\bin;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\QuickTime\QTSystem\ [calling]
17961008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17971008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17981008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
17991008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec640000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
18001008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
18011008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bff470:C:\Windows\system32 [calling]
18021008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcba0000 'C:\Windows\system32\Wintrust.dll'
18031008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
18041008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bff470:C:\Windows\system32 [calling]
18051008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbe0000 'C:\Windows\system32\crypt32.dll'
18061008.2274: SUPR3HardenedMain: Load TrustedMain...
18071008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
18081008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
18091008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
18101008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
18111008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
18121008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
18131008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
18141008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
18151008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
18161008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
18171008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
18181008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
18191008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
18201008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
18211008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
18221008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
18231008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
18241008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
18251008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
18261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
18271008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000534 pwszName=\Device\HarddiskVolume3\Windows\System32\winmm.dll
18281008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
18291008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
18301008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
18311008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\winmm.dll'
18321008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18331008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
18341008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
18351008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll)WinVerifyTrust
18361008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
18371008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
18381008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
18391008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000051c pwszName=\Device\HarddiskVolume3\Windows\System32\comdlg32.dll
18401008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
18411008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
18421008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
18431008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\comdlg32.dll'
18441008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18451008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18461008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
18471008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
18481008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
18491008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
18501008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
18511008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comdlg32.dll)WinVerifyTrust
18521008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
18531008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
18541008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
18551008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
18561008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18571008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18581008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
18591008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
18601008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
18611008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000540 pwszName=\Device\HarddiskVolume3\Windows\System32\shell32.dll
18621008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
18631008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
18641008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8D11B9B481EE916E64C94F8ECA71C2995A2999B7
18651008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2980245~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\shell32.dll'
18661008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18671008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18681008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
18691008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
18701008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
18711008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)WinVerifyTrust
18721008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
18731008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18781008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18791008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
18801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
18811008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
18821008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
18831008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
18841008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
18851008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
18861008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
18871008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
18881008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
18891008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
18901008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
18911008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
18921008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
18931008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
18941008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
18951008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
18961008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
18971008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
18981008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
18991008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
19001008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
19011008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
19021008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
19031008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
19041008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
19051008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
19061008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
19071008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
19081008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
19091008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
19101008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
19111008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
19121008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
19131008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
19141008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
19151008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
19161008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
19171008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
19181008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
19191008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
19201008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
19211008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
19221008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
19231008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19241008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19251008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
19261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19271008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19281008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
19291008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19301008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19311008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
19321008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
19331008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000560 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
19341008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
19351008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
19361008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
19371008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
19381008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19391008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19401008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
19411008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
19421008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
19431008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
19441008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
19451008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)WinVerifyTrust
19461008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
19471008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19481008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19491008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
19501008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
19511008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume3\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
19521008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000530 pwszName=\Device\HarddiskVolume3\Windows\System32\ddraw.dll
19531008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
19541008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
19551008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
19561008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\ddraw.dll'
19571008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19581008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19591008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19601008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
19611008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
19621008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
19631008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
19641008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ddraw.dll)WinVerifyTrust
19651008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ddraw.dll
19661008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
19671008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
19681008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000544 pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
19691008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
19701008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
19711008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
19721008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
19731008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19741008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19751008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
19761008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19771008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)WinVerifyTrust
19781008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
19791008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19811008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19821008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19831008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19841008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19851008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19861008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19871008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
19881008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19891008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19901008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
19911008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
19921008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
19931008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
19941008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19951008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19961008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19971008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
19981008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
19991008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20001008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20011008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20021008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20031008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
20041008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
20051008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
20061008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
20071008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
20081008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
20091008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
20101008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
20111008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
20121008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
20131008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20141008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
20151008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20161008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20171008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20181008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
20191008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
20201008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
20211008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume3\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
20221008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000548 pwszName=\Device\HarddiskVolume3\Windows\System32\winspool.drv
20231008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
20241008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
20251008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
20261008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\winspool.drv'
20271008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20281008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20291008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
20301008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
20311008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winspool.drv)WinVerifyTrust
20321008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winspool.drv
20331008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
20341008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
20351008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
20361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
20371008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
20381008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
20391008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20401008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
20411008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
20421008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
20431008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
20441008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
20451008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20461008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
20471008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20481008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20491008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
20501008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
20511008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
20521008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
20531008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20541008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
20551008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
20561008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20571008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20581008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
20591008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
20601008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
20611008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
20621008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
20631008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
20641008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
20651008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20661008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20671008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20681008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
20691008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
20701008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
20711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
20721008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
20731008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
20751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
20781008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
20791008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
20801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20811008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20821008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
20831008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
20841008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
20851008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
20861008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
20871008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000550 pwszName=\Device\HarddiskVolume3\Windows\System32\comctl32.dll
20881008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
20891008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
20901008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
20911008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\comctl32.dll'
20921008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20931008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
20941008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
20951008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
20961008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\comctl32.dll)WinVerifyTrust
20971008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\comctl32.dll
20981008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
20991008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21001008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21011008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21021008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
21031008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
21041008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
21051008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21061008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21071008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21081008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21091008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21101008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21111008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21121008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21131008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21141008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21151008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21161008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21171008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21181008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21191008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21201008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21211008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21221008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21231008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21241008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21251008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
21261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
21271008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
21281008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21291008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21301008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
21311008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
21321008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000570 pwszName=\Device\HarddiskVolume3\Windows\System32\dwmapi.dll
21331008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
21341008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
21351008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
21361008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
21371008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21381008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21391008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
21401008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
21411008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)WinVerifyTrust
21421008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
21431008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
21441008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
21451008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
21461008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21471008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21481008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
21491008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume3\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
21501008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000580 pwszName=\Device\HarddiskVolume3\Windows\System32\dciman32.dll
21511008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
21521008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
21531008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F097BF0B081F54722F0A01EF1CC13AECA64B12F0
21541008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2847311~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\dciman32.dll'
21551008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21561008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21571008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
21581008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
21591008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dciman32.dll)WinVerifyTrust
21601008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dciman32.dll
21611008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21621008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21631008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21641008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21651008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21661008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21671008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21681008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21691008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21701008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21721008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21731008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21771008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
21781008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
21791008.2274: supR3HardenedDllNotificationCallback: load 000007feebdc0000 LB 0x00873000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
21801008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.dll
21811008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
21821008.2274: supR3HardenedDllNotificationCallback: load 000007fef18b0000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
21831008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
21841008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\glu32.dll
21851008.2274: supR3HardenedDllNotificationCallback: load 000007fefad80000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
21861008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\glu32.dll
21871008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll
21881008.2274: supR3HardenedDllNotificationCallback: load 000007fefaac0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
21891008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ddraw.dll
21901008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll
21911008.2274: supR3HardenedDllNotificationCallback: load 000007fefad70000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
21921008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dciman32.dll
21931008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
21941008.2274: supR3HardenedDllNotificationCallback: load 000007fefaf90000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
21951008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
21961008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
21971008.2274: supR3HardenedDllNotificationCallback: load 0000000054650000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
21981008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
21991008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
22001008.2274: supR3HardenedDllNotificationCallback: load 0000000053ce0000 LB 0x00969000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
22011008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
22021008.2274: supR3HardenedDllNotificationCallback: load 000007fefd030000 LB 0x00097000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
22031008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\comdlg32.dll
22041008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
22051008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
22061008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
22071008.2274: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll)
22081008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
22091008.2274: supR3HardenedDllNotificationCallback: load 000007fef8690000 LB 0x000a0000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\COMCTL32.dll [fFlags=0x0]
22101008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll [avoiding WinVerifyTrust]
22111008.2274: supR3HardenedDllNotificationCallback: load 000007fefd0d0000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
22121008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
22131008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
22141008.2274: supR3HardenedDllNotificationCallback: load 000007fefa2e0000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
22151008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
22161008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winspool.drv
22171008.2274: supR3HardenedDllNotificationCallback: load 000007fef9360000 LB 0x00071000 C:\Windows\system32\WINSPOOL.DRV [fFlags=0x0]
22181008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winspool.drv
22191008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
22201008.2274: supR3HardenedDllNotificationCallback: load 0000000053ac0000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
22211008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
22221008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
22231008.2274: supR3HardenedDllNotificationCallback: load 00000000539e0000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
22241008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
22251008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000574 pwszName=\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
22261008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
22271008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
22281008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
22291008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
22301008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22311008.2274: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
22321008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
22331008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22341008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22351008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22371008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22381008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22391008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b0380:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22401008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec00000 'C:\Windows\system32\imm32.dll'
22411008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebdc0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
22421008.2274: SUPR3HardenedMain: Calling TrustedMain (000007feebdc1ca0)...
22431008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
22441008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22451008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
22461008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005e0 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22471008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
22481008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
22491008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
22501008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
22511008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22521008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22531008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
22541008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
22551008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll)WinVerifyTrust
22561008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22571008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22581008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22591008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22601008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22611008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22621008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22631008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf3be0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22641008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22651008.2274: supR3HardenedDllNotificationCallback: load 000007fefb3c0000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
22661008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22671008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
22681008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22691008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf3be0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22701008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
22711008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22721008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf44d0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22731008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
22741008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22751008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf44d0:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22761008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
22771008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
22781008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22791008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaf90000 'C:\Windows\system32\dwmapi.dll'
22801008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
22811008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22821008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8b0000 'C:\Windows\system32\CRYPTBASE.dll'
22831008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
22841008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22851008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0d0000 'C:\Windows\system32\shell32.dll'
22861008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
22871008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22881008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'C:\Windows\system32\kernel32.dll'
22891008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22901008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22911008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
22921008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
22931008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22941008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
22951008.2274: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll)
22961008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
22971008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
22981008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077850000 'C:\Windows\system32\user32.dll'
22991008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23001008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23011008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb3c0000 'C:\Windows\system32\uxtheme.dll'
23021008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
23031008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23041008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077850000 'C:\Windows\system32\user32.dll'
23051008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\advapi32.dll'
23061008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
23071008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23081008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000000320000 'C:\Windows\system32\userenv.dll'
23091008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
23101008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23111008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'C:\Windows\system32\kernel32.dll'
23121008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000634 pwszName=\Device\HarddiskVolume3\Windows\System32\clbcatq.dll
23131008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
23141008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
23151008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
23161008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
23171008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23181008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23191008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
23201008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
23211008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
23221008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
23231008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
23241008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)WinVerifyTrust
23251008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
23261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23271008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23281008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23291008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23301008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
23311008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23321008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23331008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
23341008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23351008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23361008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23371008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23381008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
23391008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23401008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23411008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
23421008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23431008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
23441008.2274: supR3HardenedDllNotificationCallback: load 000007fefec30000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
23451008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
23461008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec30000 'C:\Windows\system32\CLBCatQ.DLL'
23471008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\ADVAPI32.dll'
23481008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
23491008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b0410:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23501008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc250000 'C:\Windows\system32\CRYPTSP.dll'
23511008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000654 pwszName=\Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
23521008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
23531008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
23541008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
23551008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll'
23561008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23571008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
23581008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll)WinVerifyTrust
23591008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
23601008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23611008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23621008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b0410:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23631008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
23641008.2274: supR3HardenedDllNotificationCallback: load 000007fefc960000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
23651008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
23661008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc960000 'C:\Windows\system32\RpcRtRemote.dll'
23671008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
23681008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf4580:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23691008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe130000 'C:\Windows\system32\oleaut32.dll'
23701008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000678 pwszName=\Device\HarddiskVolume3\Windows\System32\sxs.dll
23711008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
23721008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
23731008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
23741008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\sxs.dll'
23751008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23761008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sxs.dll)WinVerifyTrust
23771008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sxs.dll
23781008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SXS.DLL (Input=SXS.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b06e0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23791008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sxs.dll
23801008.2274: supR3HardenedDllNotificationCallback: load 000007fefc8c0000 LB 0x00091000 C:\Windows\system32\SXS.DLL [fFlags=0x0]
23811008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sxs.dll
23821008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc8c0000 'C:\Windows\system32\SXS.DLL'
23831008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\ADVAPI32.dll'
23841008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
23851008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b0a40:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23861008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe130000 'C:\Windows\system32\OLEAUT32.dll'
23871008.2274: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll)
23881008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b0800:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
23891008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
23901008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
23911008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23921008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23931008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23941008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
23951008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
23961008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
23971008.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
23981008.1dd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
23991008.1dd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
24001008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24011008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24021008.1dd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24031008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24041008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24051008.1dd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24061008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24071008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24081008.1dd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
24091008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24101008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24111008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24121008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24131008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
24141008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
24151008.1dd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
24161008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24171008.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24181008.1dd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008dd160:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24191008.1dd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
24201008.1dd0: supR3HardenedDllNotificationCallback: load 000007feeb850000 LB 0x004f6000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
24211008.1dd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
24221008.1dd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb850000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
24231008.13d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24241008.13d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24251008.13d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll)WinVerifyTrust
24261008.13d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
24271008.13d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24281008.13d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24291008.13d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24301008.13d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24311008.13d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba1a0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24321008.13d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
24331008.13d8: supR3HardenedDllNotificationCallback: load 000007fef5140000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
24341008.13d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
24351008.13d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5140000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
24361008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077850000 'C:\Windows\system32\user32.dll'
24371008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
24381008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b09b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24391008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0d0000 'C:\Windows\system32\shell32.dll'
24401008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\ADVAPI32.dll'
24411008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24421008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008b09b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24431008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9f0000 'C:\Windows\system32\ole32.dll'
24441008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24451008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba2c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24461008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9f0000 'C:\Windows\system32\ole32.dll'
24471008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
24481008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf4630:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24491008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe8e0000 'C:\Windows\system32\MSCTF.dll'
24501008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
24511008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba2c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24521008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0d0000 'C:\Windows\system32\shell32.dll'
24531008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9f0000 'C:\Windows\system32\ole32.dll'
24541008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24551008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba2c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
24561008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe130000 'C:\Windows\system32\OLEAUT32.dll'
24571008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a1c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
24581008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
24591008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
24601008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
24611008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
24621008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24631008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24641008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
24651008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
24661008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
24671008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
24681008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
24691008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll)WinVerifyTrust
24701008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
24711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24721008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24731008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
24741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24781008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24791008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
24811008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
24821008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a10 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
24831008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
24841008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
24851008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
24861008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
24871008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24881008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24891008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
24901008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
24911008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
24921008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
24931008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll)WinVerifyTrust
24941008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
24951008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24961008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24971008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24981008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24991008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
25001008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25011008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25021008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
25031008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
25041008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25051008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25061008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25071008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25081008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf7290:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
25091008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
25101008.2274: supR3HardenedDllNotificationCallback: load 000007fef67b0000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
25111008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
25121008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
25131008.2274: supR3HardenedDllNotificationCallback: load 000007fef6720000 LB 0x00086000 C:\Windows\system32\wbemcomn.dll [fFlags=0x0]
25141008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
25151008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef67b0000 'C:\Windows\system32\wbem\wbemprox.dll'
25161008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a3c pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
25171008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
25181008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
25191008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
25201008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
25211008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25221008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25231008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
25241008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll)WinVerifyTrust
25251008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
25261008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25271008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25281008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25291008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25301008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf6ed0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
25311008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
25321008.2274: supR3HardenedDllNotificationCallback: load 000007fef5ac0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
25331008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
25341008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5ac0000 'C:\Windows\system32\wbem\wbemsvc.dll'
25351008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a48 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
25361008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
25371008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
25381008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
25391008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
25401008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25411008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25421008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
25431008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
25441008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
25451008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
25461008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
25471008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll)WinVerifyTrust
25481008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
25491008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
25501008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
25511008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a30 pwszName=\Device\HarddiskVolume3\Windows\System32\ntdsapi.dll
25521008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
25531008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
25541008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
25551008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\ntdsapi.dll'
25561008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25571008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25581008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
25591008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
25601008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdsapi.dll)WinVerifyTrust
25611008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdsapi.dll
25621008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
25631008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
25641008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25651008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25661008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25671008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25681008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
25691008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
25701008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
25711008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25721008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25731008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
25741008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
25751008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
25761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25781008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
25791008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25811008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf7290:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
25821008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
25831008.2274: supR3HardenedDllNotificationCallback: load 000007fef5b10000 LB 0x000e2000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
25841008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
25851008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdsapi.dll
25861008.2274: supR3HardenedDllNotificationCallback: load 000007fef5ae0000 LB 0x00027000 C:\Windows\system32\NTDSAPI.dll [fFlags=0x0]
25871008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdsapi.dll
25881008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5b10000 'C:\Windows\system32\wbem\fastprox.dll'
25891008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe130000 'C:\Windows\system32\OLEAUT32.dll'
25901008.140c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25911008.140c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
25921008.140c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
25931008.140c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
25941008.140c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
25951008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25961008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25971008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
25981008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
25991008.140c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
26001008.140c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
26011008.140c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
26021008.140c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
26031008.140c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
26041008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26051008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26061008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26071008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26081008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
26091008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
26101008.140c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26111008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26121008.140c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26131008.140c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26141008.140c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26151008.140c: supR3HardenedDllNotificationCallback: load 000007feeb390000 LB 0x00260000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
26161008.140c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26171008.140c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
26181008.140c: supR3HardenedDllNotificationCallback: load 00000000526c0000 LB 0x00109000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
26191008.140c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxREM.dll
26201008.140c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb390000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
26211008.2038: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26221008.2038: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
26231008.2038: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26241008.2038: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
26251008.2038: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
26261008.2038: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
26271008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26281008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26291008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26301008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26311008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
26321008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
26331008.2038: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26341008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26351008.2038: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26361008.2038: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26371008.2038: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
26381008.2038: supR3HardenedDllNotificationCallback: load 000007fef53d0000 LB 0x00009000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
26391008.2038: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
26401008.2038: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef53d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
26411008.1944: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26421008.1944: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26431008.1944: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
26441008.1944: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
26451008.1944: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26461008.1944: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26471008.1944: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26481008.1944: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26491008.1944: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
26501008.1944: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
26511008.1944: supR3HardenedDllNotificationCallback: load 000007fef53c0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
26521008.1944: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
26531008.1944: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef53c0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
26541008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
26551008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26561008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
26571008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtcorevbox4.dll'.
26581008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtguivbox4.dll'.
26591008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtopenglvbox4.dll'.
26601008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
26611008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
26621008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
26631008.2134: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
26641008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ba4 pwszName=\Device\HarddiskVolume3\Windows\System32\apphelp.dll
26651008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
26661008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
26671008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82846C7DC170BBD7F68FE9966A8D339A60BCFF16
26681008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\apphelp.dll'
26691008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26701008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)WinVerifyTrust
26711008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
26721008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
26731008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
26741008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
26751008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
26761008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
26771008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
26781008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
26791008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
26801008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
26811008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
26821008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
26831008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
26841008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26851008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26861008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26871008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
26881008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
26891008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
26901008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26911008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26921008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shlwapi.dll'.
26931008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
26941008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)WinVerifyTrust
26951008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
26961008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
26971008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
26981008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
26991008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
27001008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
27011008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
27021008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27031008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27041008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27051008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27061008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
27071008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll
27081008.2134: supR3HardenedDllNotificationCallback: load 000007fefc850000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
27091008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll
27101008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc850000 'C:\Windows\system32\apphelp.dll'
27111008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27121008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
27131008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27141008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
27151008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
27161008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
27171008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
27181008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
27191008.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll)WinVerifyTrust
27201008.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
27211008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27221008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
27231008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27241008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
27251008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27261008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27271008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
27281008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll' [rcNtRedir=0xc0150008]
27291008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27301008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
27311008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27321008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
27331008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
27341008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
27351008.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll)WinVerifyTrust
27361008.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
27371008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27381008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27391008.2268: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27401008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27411008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27421008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
27431008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
27441008.2268: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
27451008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27461008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27471008.2268: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
27481008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27491008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27501008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
27511008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
27521008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27531008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27541008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27551008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27561008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
27571008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
27581008.2268: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
27591008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27601008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27611008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
27621008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
27631008.2268: supR3HardenedDllNotificationCallback: load 000007feeb260000 LB 0x00127000 C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL [fFlags=0x0]
27641008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
27651008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
27661008.2268: supR3HardenedDllNotificationCallback: load 000007feecdd0000 LB 0x00032000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll [fFlags=0x0]
27671008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
27681008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
27691008.2268: supR3HardenedDllNotificationCallback: load 000007feece20000 LB 0x00027000 C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll [fFlags=0x0]
27701008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
27711008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb260000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
27721008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
27731008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
27741008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feece20000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
27751008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27761008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
27771008.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll)WinVerifyTrust
27781008.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
27791008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
27801008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
27811008.2268: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
27821008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27831008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27841008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
27851008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
27861008.2268: supR3HardenedDllNotificationCallback: load 000007feecdb0000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll [fFlags=0x0]
27871008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
27881008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
27891008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
27901008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/opengl32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
27911008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
27921008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32/opengl32.dll'
27931008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
27941008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
27951008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
27961008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
27971008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
27981008.2268: \Device\HarddiskVolume3\Windows\System32\ig7icd64.dll: Owner is administrators group.
27991008.2268: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bf8 pwszName=\Device\HarddiskVolume3\Windows\System32\ig7icd64.dll
28001008.2268: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
28011008.2268: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
28021008.277c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe130000 'C:\Windows\system32\OLEAUT32.dll'
28031008.2268: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=51BCDB6C4DE35A2E12B5DE4EAF411A93D9917270
28041008.2268: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem156.CAT'; file='\Device\HarddiskVolume3\Windows\System32\ig7icd64.dll'
28051008.2268: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28061008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
28071008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
28081008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
28091008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
28101008.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ig7icd64.dll)WinVerifyTrust
28111008.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ig7icd64.dll
28121008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28131008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
28141008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
28151008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
28161008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28171008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28181008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
28191008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
28201008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ig7icd64.dll (Input=ig7icd64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28211008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ig7icd64.dll
28221008.2268: supR3HardenedDllNotificationCallback: load 000007feea730000 LB 0x00b29000 C:\Windows\system32\ig7icd64.dll [fFlags=0x0]
28231008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ig7icd64.dll
28241008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
28251008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea730000 'C:\Windows\system32\ig7icd64.dll'
28261008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
28271008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28281008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
28291008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe260000 'C:\Windows\system32\gdi32.dll'
28301008.2268: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006e0 pwszName=\Device\HarddiskVolume3\Windows\System32\version.dll
28311008.2268: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
28321008.2268: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
28331008.2268: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
28341008.2268: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\version.dll'
28351008.2268: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28361008.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
28371008.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll)WinVerifyTrust
28381008.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
28391008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28401008.2268: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28411008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\version.dll (Input=version.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28421008.2268: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
28431008.2268: supR3HardenedDllNotificationCallback: load 000007fefba90000 LB 0x0000c000 C:\Windows\system32\version.dll [fFlags=0x0]
28441008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
28451008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba90000 'C:\Windows\system32\version.dll'
28461008.2268: supR3HardenedDllNotificationCallback: Unload 000007fefba90000 LB 0x0000c000 C:\Windows\system32\version.dll [flags=0x0]
28471008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28481008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28491008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28501008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28511008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28521008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28531008.2268: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
28541008.2268: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba470:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28551008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28561008.2268: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef18b0000 'C:\Windows\system32\OPENGL32.dll'
28571008.13e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28581008.13e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
28591008.13e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28601008.13e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll)WinVerifyTrust
28611008.13e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
28621008.13e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28631008.13e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28641008.13e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
28651008.13e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
28661008.13e0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
28671008.13e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28681008.13e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28691008.13e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28701008.13e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
28711008.13e0: supR3HardenedDllNotificationCallback: load 000007fef53b0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
28721008.13e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
28731008.13e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef53b0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
28741008.177c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28751008.177c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
28761008.177c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28771008.177c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll)WinVerifyTrust
28781008.177c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
28791008.177c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28801008.177c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28811008.177c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
28821008.177c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
28831008.177c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
28841008.177c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28851008.177c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28861008.177c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28871008.177c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
28881008.177c: supR3HardenedDllNotificationCallback: load 000007fef53a0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
28891008.177c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
28901008.177c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef53a0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
28911008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28921008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
28931008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb390000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
28941008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28951008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28961008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
28971008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
28981008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
28991008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll)WinVerifyTrust
29001008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29011008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
29021008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
29031008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29041008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29051008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29061008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29071008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29081008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29091008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29101008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29111008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
29121008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29131008.2134: supR3HardenedDllNotificationCallback: load 000007feecd70000 LB 0x00031000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
29141008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29151008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecd70000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
29161008.2134: supR3HardenedDllNotificationCallback: Unload 000007feecd70000 LB 0x00031000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
29171008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29181008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29191008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29201008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
29211008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
29221008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
29231008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
29241008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
29251008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
29261008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
29271008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll)WinVerifyTrust
29281008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
29291008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
29301008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
29311008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cf4 pwszName=\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
29321008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
29331008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
29341008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
29351008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL'
29361008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29371008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29381008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
29391008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
29401008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
29411008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL)WinVerifyTrust
29421008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
29431008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29441008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29451008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29461008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
29471008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
29481008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
29491008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
29501008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29511008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29521008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
29531008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
29541008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29551008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29561008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29571008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll)WinVerifyTrust
29581008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
29591008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
29601008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
29611008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29621008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29631008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
29641008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
29651008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
29661008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
29671008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll)WinVerifyTrust
29681008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
29691008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29701008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29711008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
29721008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
29731008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
29741008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29751008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29761008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
29771008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
29781008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
29791008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume3\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
29801008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d14 pwszName=\Device\HarddiskVolume3\Windows\System32\newdev.dll
29811008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
29821008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
29831008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
29841008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume3\Windows\System32\newdev.dll'
29851008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29861008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29871008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
29881008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
29891008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
29901008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
29911008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
29921008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
29931008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\newdev.dll)WinVerifyTrust
29941008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\newdev.dll
29951008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
29961008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
29971008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
29981008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29991008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30001008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30011008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30021008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30031008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30041008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30051008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30061008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
30071008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
30081008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30091008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30101008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30111008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30121008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30131008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
30141008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
30151008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d00 pwszName=\Device\HarddiskVolume3\Windows\System32\winnsi.dll
30161008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
30171008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
30181008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
30191008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
30201008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30211008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30221008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
30231008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
30241008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll)WinVerifyTrust
30251008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
30261008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
30271008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
30281008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
30291008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30301008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30311008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
30321008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
30331008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
30341008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30351008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30361008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30371008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30381008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
30391008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
30401008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
30411008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
30421008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
30431008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
30441008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
30451008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
30461008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
30471008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
30481008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30491008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30501008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30511008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
30521008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30531008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30541008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30551008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
30561008.2134: supR3HardenedDllNotificationCallback: load 000007fee9e60000 LB 0x008ca000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
30571008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
30581008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
30591008.2134: supR3HardenedDllNotificationCallback: load 000007fef22a0000 LB 0x0005f000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
30601008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
30611008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\newdev.dll
30621008.2134: supR3HardenedDllNotificationCallback: load 000007fef2300000 LB 0x00051000 C:\Windows\system32\newdev.dll [fFlags=0x0]
30631008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\newdev.dll
30641008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30651008.2134: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\devrtl.dll)
30661008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devrtl.dll
30671008.2134: supR3HardenedDllNotificationCallback: load 000007fefbc90000 LB 0x00012000 C:\Windows\system32\devrtl.DLL [fFlags=0x0]
30681008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
30691008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
30701008.2134: supR3HardenedDllNotificationCallback: load 000007feecd70000 LB 0x00034000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
30711008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
30721008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
30731008.2134: supR3HardenedDllNotificationCallback: load 000007fef9bc0000 LB 0x00027000 C:\Windows\system32\IPHLPAPI.DLL [fFlags=0x0]
30741008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
30751008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll
30761008.2134: supR3HardenedDllNotificationCallback: load 000007fef9bb0000 LB 0x0000b000 C:\Windows\system32\WINNSI.DLL [fFlags=0x0]
30771008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll
30781008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9e60000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
30791008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d20 pwszName=\Device\HarddiskVolume3\Windows\System32\devrtl.dll
30801008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
30811008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
30821008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
30831008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
30841008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30851008.2134: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
30861008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30871008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30881008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30891008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30901008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30911008.2134: supR3HardenedDllNotificationCallback: load 000007feecc30000 LB 0x00031000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
30921008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30931008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecc30000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
30941008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
30951008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
30961008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
30971008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb850000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
30981008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
30991008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31001008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
31011008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecd70000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
31021008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31031008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31041008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll)WinVerifyTrust
31051008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31061008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31071008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31081008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31091008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31101008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31111008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31121008.2134: supR3HardenedDllNotificationCallback: load 000007feecc10000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
31131008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31141008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecc10000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
31151008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31161008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31171008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll)WinVerifyTrust
31181008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31191008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31201008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31211008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31221008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31231008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31241008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31251008.2134: supR3HardenedDllNotificationCallback: load 000007feecbf0000 LB 0x00016000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
31261008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31271008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecbf0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
31281008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31291008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31301008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll)WinVerifyTrust
31311008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31321008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31331008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31341008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31351008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31361008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31371008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31381008.2134: supR3HardenedDllNotificationCallback: load 000007feecbd0000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
31391008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31401008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feecbd0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
31411008.1660: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31421008.1660: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
31431008.1660: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
31441008.1660: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll)WinVerifyTrust
31451008.1660: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
31461008.1660: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31471008.1660: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31481008.1660: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
31491008.1660: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
31501008.1660: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31511008.1660: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31521008.1660: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31531008.1660: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
31541008.1660: supR3HardenedDllNotificationCallback: load 000007fef2290000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
31551008.1660: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
31561008.1660: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2290000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
31571008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31581008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31591008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll)WinVerifyTrust
31601008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
31611008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31621008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31631008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31641008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31651008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31661008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
31671008.2134: supR3HardenedDllNotificationCallback: load 000007fef5130000 LB 0x00008000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
31681008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
31691008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5130000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
31701008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
31711008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372af0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31721008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
31731008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bc0000 'C:\Windows\system32/Iphlpapi.dll'
31741008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e34 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
31751008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
31761008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
31771008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A719769A21133C3F89F7BEA09AB706365F35DF8F
31781008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB2763523~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
31791008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31801008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31811008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
31821008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
31831008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll)WinVerifyTrust
31841008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
31851008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
31861008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
31871008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
31881008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
31891008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31901008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31911008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc6.DLL (Input=dhcpcsvc6.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372c10:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31921008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
31931008.2134: supR3HardenedDllNotificationCallback: load 000007fef9070000 LB 0x00011000 C:\Windows\system32\dhcpcsvc6.DLL [fFlags=0x0]
31941008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
31951008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9070000 'C:\Windows\system32\dhcpcsvc6.DLL'
31961008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
31971008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372c10:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
31981008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bc0000 'C:\Windows\system32\IPHLPAPI.DLL'
31991008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e58 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32001008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
32011008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
32021008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D89E2D6AED9A19082ECA108BEEF81A904C7A9756
32031008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
32041008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32051008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32061008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
32071008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
32081008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
32091008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll)WinVerifyTrust
32101008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32111008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
32121008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
32131008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
32141008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
32151008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
32161008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32171008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32181008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32191008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32201008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dhcpcsvc.DLL (Input=dhcpcsvc.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372ee0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
32211008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32221008.2134: supR3HardenedDllNotificationCallback: load 000007fef9050000 LB 0x00018000 C:\Windows\system32\dhcpcsvc.DLL [fFlags=0x0]
32231008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32241008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9050000 'C:\Windows\system32\dhcpcsvc.DLL'
32251008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
32261008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IPHLPAPI.DLL (Input=IPHLPAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372ee0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
32271008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9bc0000 'C:\Windows\system32\IPHLPAPI.DLL'
32281008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ec0 pwszName=\Device\HarddiskVolume3\Windows\System32\dsound.dll
32291008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
32301008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
32311008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F6C3E3D9F8B48D816E52C31576FFFD4AF86AB813
32321008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\dsound.dll'
32331008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32341008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32351008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
32361008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
32371008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
32381008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
32391008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
32401008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dsound.dll)WinVerifyTrust
32411008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dsound.dll
32421008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
32431008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
32441008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ec4 pwszName=\Device\HarddiskVolume3\Windows\System32\powrprof.dll
32451008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
32461008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
32471008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E0B7DE18787DB24DAD3580634869A9A8FF4AB48F
32481008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\powrprof.dll'
32491008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32501008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32511008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
32521008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
32531008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)WinVerifyTrust
32541008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
32551008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
32561008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
32571008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
32581008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
32591008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
32601008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
32611008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
32621008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
32631008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32641008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
32651008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32661008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32671008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
32681008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
32691008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
32701008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32711008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32721008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32731008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32741008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf4d10:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
32751008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
32761008.2134: supR3HardenedDllNotificationCallback: load 000007fefabc0000 LB 0x00088000 C:\Windows\System32\dsound.dll [fFlags=0x0]
32771008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
32781008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll
32791008.2134: supR3HardenedDllNotificationCallback: load 000007fefa670000 LB 0x0002c000 C:\Windows\System32\POWRPROF.dll [fFlags=0x0]
32801008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll
32811008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
32821008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009372ee0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
32831008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefabc0000 'C:\Windows\System32\dsound.dll'
32841008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefabc0000 'C:\Windows\System32\dsound.dll'
32851008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ec8 pwszName=\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
32861008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
32871008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
32881008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=704F97298D44B8146C54067788F597E0BF365197
32891008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll'
32901008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32911008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32921008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
32931008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
32941008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'propsys.dll'.
32951008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll)WinVerifyTrust
32961008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
32971008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
32981008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume3\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
32991008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000eec pwszName=\Device\HarddiskVolume3\Windows\System32\propsys.dll
33001008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
33011008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
33021008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6A1594E841359779EF7EA7EBCF775D89F55388D3
33031008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\propsys.dll'
33041008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33051008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33061008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
33071008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
33081008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
33091008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
33101008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll)WinVerifyTrust
33111008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll
33121008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33131008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33141008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33151008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33161008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33171008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33181008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33191008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33201008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33211008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33221008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
33231008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
33241008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
33251008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
33261008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
33271008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33281008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33291008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf4d10:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33301008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33311008.2134: supR3HardenedDllNotificationCallback: load 000007fefafb0000 LB 0x0004b000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
33321008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33331008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
33341008.2134: supR3HardenedDllNotificationCallback: load 000007fefb420000 LB 0x0012c000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
33351008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
33361008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefedd0000 'C:\Windows\system32\ADVAPI32.dll'
33371008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefafb0000 'C:\Windows\System32\MMDevApi.dll'
33381008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9f0000 'C:\Windows\system32\ole32.dll'
33391008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
33401008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SETUPAPI.dll (Input=SETUPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33411008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe700000 'C:\Windows\system32\SETUPAPI.dll'
33421008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
33431008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33441008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed50000 'C:\Windows\system32\SHLWAPI.dll'
33451008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33461008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33471008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefafb0000 'C:\Windows\system32\MMDEVAPI.DLL'
33481008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9f0000 'C:\Windows\system32\ole32.dll'
33491008.1d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ig7icd64.dll
33501008.1d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ig7icd64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf5080:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33511008.1d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea730000 'C:\Windows\system32\ig7icd64.dll'
33521008.1d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
33531008.1d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CFGMGR32.dll (Input=CFGMGR32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33541008.1d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb50000 'C:\Windows\system32\CFGMGR32.dll'
33551008.156c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f44 pwszName=\Device\HarddiskVolume3\Windows\System32\AudioSes.dll
33561008.156c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
33571008.156c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
33581008.156c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E7B264B3670B74C7A34AEDBA5E942385CDC0D1C9
33591008.156c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB3005607~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\AudioSes.dll'
33601008.156c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33611008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33621008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
33631008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
33641008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
33651008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
33661008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
33671008.156c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
33681008.156c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll)WinVerifyTrust
33691008.156c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
33701008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
33711008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
33721008.156c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33731008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33741008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33751008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33761008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33771008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
33781008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
33791008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
33801008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
33811008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
33821008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
33831008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33841008.156c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33851008.156c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33861008.156c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
33871008.156c: supR3HardenedDllNotificationCallback: load 000007fefa0c0000 LB 0x0004f000 C:\Windows\system32\AUDIOSES.DLL [fFlags=0x0]
33881008.156c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
33891008.156c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa0c0000 'C:\Windows\system32\AUDIOSES.DLL'
33901008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
33911008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33921008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
33931008.2134: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33941008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
33951008.2134: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
33961008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecd0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
33971008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe380000 'C:\Windows\system32\RPCRT4.dll'
33981008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33991008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MMDevAPI.DLL (Input=MMDevAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34001008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefafb0000 'C:\Windows\system32\MMDevAPI.DLL'
34011008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f94 pwszName=\Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34021008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
34031008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
34041008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4B64306F5558D2DEC53CF11AAF17F02438929FDD
34051008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\wdmaud.drv'
34061008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34071008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34081008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
34091008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
34101008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
34111008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
34121008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ksuser.dll'.
34131008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'mmdevapi.dll'.
34141008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'avrt.dll'.
34151008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv)WinVerifyTrust
34161008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34171008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
34181008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
34191008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f98 pwszName=\Device\HarddiskVolume3\Windows\System32\avrt.dll
34201008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
34211008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
34221008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1362C343929DD08AB918B38DE195D1A11B1D1365
34231008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\avrt.dll'
34241008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34251008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll)WinVerifyTrust
34261008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
34271008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
34281008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
34291008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34301008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
34311008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
34321008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fac pwszName=\Device\HarddiskVolume3\Windows\System32\ksuser.dll
34331008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
34341008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
34351008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EC3873F9ACBE279185D3540F02128F42D21D0856
34361008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\ksuser.dll'
34371008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34381008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34391008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll)WinVerifyTrust
34401008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
34411008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
34421008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
34431008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
34441008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
34451008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
34461008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
34471008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
34481008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
34491008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
34501008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34511008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34521008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34531008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34541008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34551008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34561008.2134: supR3HardenedDllNotificationCallback: load 000007fef9fc0000 LB 0x0003b000 C:\Windows\system32\wdmaud.drv [fFlags=0x0]
34571008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34581008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
34591008.2134: supR3HardenedDllNotificationCallback: load 0000000074c70000 LB 0x00006000 C:\Windows\system32\ksuser.dll [fFlags=0x0]
34601008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
34611008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
34621008.2134: supR3HardenedDllNotificationCallback: load 000007fefa660000 LB 0x00009000 C:\Windows\system32\AVRT.dll [fFlags=0x0]
34631008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
34641008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34651008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34661008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34671008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34681008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34691008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000009373480:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34701008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34711008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34721008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093733f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34731008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34741008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34751008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093733f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34761008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34771008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34781008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093733f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34791008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34801008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34811008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
34821008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34831008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9fc0000 'C:\Windows\system32\wdmaud.drv'
34841008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fa0 pwszName=\Device\HarddiskVolume3\Windows\System32\msacm32.drv
34851008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
34861008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
34871008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=522563F5384AD4C93CF5CF4EEA899D3267552328
34881008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\msacm32.drv'
34891008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34901008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34911008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
34921008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
34931008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msacm32.dll'.
34941008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'mmdevapi.dll'.
34951008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv)WinVerifyTrust
34961008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
34971008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
34981008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
34991008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
35001008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
35011008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
35021008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fb0 pwszName=\Device\HarddiskVolume3\Windows\System32\msacm32.dll
35031008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
35041008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
35051008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCA0A8AEE81B82C402AA72A300B2C8D2DC17C1DA
35061008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\msacm32.dll'
35071008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35081008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35091008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
35101008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
35111008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
35121008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'winmm.dll'.
35131008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll)WinVerifyTrust
35141008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
35151008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
35161008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
35171008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
35181008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
35191008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
35201008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35211008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35221008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
35231008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
35241008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
35251008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
35261008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
35271008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
35281008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
35291008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
35301008.2134: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
35311008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35321008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35331008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35341008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35351008.2134: supR3HardenedDllNotificationCallback: load 000007fefaab0000 LB 0x0000a000 C:\Windows\system32\msacm32.drv [fFlags=0x0]
35361008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35371008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
35381008.2134: supR3HardenedDllNotificationCallback: load 000007fefa2c0000 LB 0x00018000 C:\Windows\system32\MSACM32.dll [fFlags=0x0]
35391008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
35401008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35411008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35421008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35431008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35441008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35451008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35461008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35471008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35481008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35491008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35501008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35511008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35521008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35531008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35541008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35551008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35561008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35571008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35581008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35591008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35601008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35611008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaab0000 'C:\Windows\system32\msacm32.drv'
35621008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fc0 pwszName=\Device\HarddiskVolume3\Windows\System32\midimap.dll
35631008.2134: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
35641008.2134: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
35651008.2134: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=43116C5C719A4751DA70B12932084D73D7AACEA3
35661008.2134: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume3\Windows\System32\midimap.dll'
35671008.2134: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35681008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35691008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
35701008.2134: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winmm.dll'.
35711008.2134: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\midimap.dll)WinVerifyTrust
35721008.2134: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
35731008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
35741008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
35751008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
35761008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
35771008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35781008.2134: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35791008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35801008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35811008.2134: supR3HardenedDllNotificationCallback: load 000007fefa2b0000 LB 0x00009000 C:\Windows\system32\midimap.dll [fFlags=0x0]
35821008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35831008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\midimap.dll'
35841008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35851008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35861008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\midimap.dll'
35871008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35881008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35891008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\midimap.dll'
35901008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35911008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
35921008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2b0000 'C:\Windows\system32\midimap.dll'
35931008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
35941008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
35951008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
35961008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
35971008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9f0000 'C:\Windows\system32\ole32.dll'
35981008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
35991008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
36001008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36011008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
36021008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
36031008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa2e0000 'C:\Windows\system32\winmm.dll'
36041008.1d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
36051008.1d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\audioses.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002bf5130:C:\Windows\System32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36061008.1d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa0c0000 'C:\Windows\System32\audioses.dll'
36071008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb390000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
36081008.2134: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
36091008.2134: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000093731b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36101008.2134: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
36111008.2134: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077950000 'C:\Windows\system32/kernel32.dll'
36121008.1a48: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
36131008.1a48: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36141008.1a48: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa660000 'C:\Windows\system32\avrt.dll'
36151008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000085c pwszName=\Device\HarddiskVolume3\Windows\System32\mswsock.dll
36161008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
36171008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
36181008.b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
36191008.b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000041ba110:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36201008.b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcba0000 'C:\Windows\system32\WINTRUST.DLL'
36211008.b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
36221008.b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000041ba110:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36231008.b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcbe0000 'C:\Windows\system32\CRYPT32.dll'
36241008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8E5754748E0E000AB425BF2AEB177780FB43945
36251008.b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7990000 'C:\Windows\system32\cryptnet.dll'
36261008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2888049~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\mswsock.dll'
36271008.b4c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36281008.b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36291008.b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
36301008.b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
36311008.b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
36321008.b4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mswsock.dll)WinVerifyTrust
36331008.b4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mswsock.dll
36341008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
36351008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
36361008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36371008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36381008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36391008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
36401008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36411008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36421008.b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36431008.b4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
36441008.b4c: supR3HardenedDllNotificationCallback: load 000007fefc1e0000 LB 0x00055000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
36451008.b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
36461008.b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc1e0000 'C:\Windows\system32\mswsock.dll'
36471008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011ac pwszName=\Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL
36481008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
36491008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
36501008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1EFFE58BB9FD8A94FD1609B7F82A43C8E09D98AA
36511008.b4c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL'
36521008.b4c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36531008.b4c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ws2_32.dll'.
36541008.b4c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL)WinVerifyTrust
36551008.b4c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL
36561008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
36571008.b4c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
36581008.b4c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wshtcpip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36591008.b4c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL
36601008.b4c: supR3HardenedDllNotificationCallback: load 000007fefbb60000 LB 0x00007000 C:\Windows\System32\wshtcpip.dll [fFlags=0x0]
36611008.b4c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WSHTCPIP.DLL
36621008.b4c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbb60000 'C:\Windows\System32\wshtcpip.dll'
36631008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011cc pwszName=\Device\HarddiskVolume3\Windows\System32\mscms.dll
36641008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
36651008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
36661008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=77B48D4C63C7308FE42B2B7DF054999F6CE86C20
36671008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\mscms.dll'
36681008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36691008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36701008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'userenv.dll'.
36711008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
36721008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
36731008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mscms.dll)WinVerifyTrust
36741008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mscms.dll
36751008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
36761008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
36771008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36781008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
36791008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
36801008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
36811008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
36821008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36831008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36841008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mscms.dll (Input=mscms.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
36851008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mscms.dll
36861008.2274: supR3HardenedDllNotificationCallback: load 000007fef6240000 LB 0x0009c000 C:\Windows\system32\mscms.dll [fFlags=0x0]
36871008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mscms.dll
36881008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6240000 'C:\Windows\system32\mscms.dll'
36891008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011f4 pwszName=\Device\HarddiskVolume3\Windows\System32\icm32.dll
36901008.2274: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000008bbd70
36911008.2274: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000008bbd70
36921008.2274: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A467A1C0C873D06FC9374DE3DAC05A8C3CE89002
36931008.2274: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\icm32.dll'
36941008.2274: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36951008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36961008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mscms.dll'.
36971008.2274: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
36981008.2274: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\icm32.dll)WinVerifyTrust
36991008.2274: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\icm32.dll
37001008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
37011008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
37021008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mscms.dll'...
37031008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'mscms.dll' -> '\Device\HarddiskVolume3\Windows\System32\mscms.dll' [rcNtRedir=0xc0150008]
37041008.2274: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mscms.dll
37051008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37061008.2274: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37071008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\icm32.dll (Input=icm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
37081008.2274: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\icm32.dll
37091008.2274: supR3HardenedDllNotificationCallback: load 000007fee9a70000 LB 0x00042000 C:\Windows\system32\icm32.dll [fFlags=0x0]
37101008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\icm32.dll
37111008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9a70000 'C:\Windows\system32\icm32.dll'
37121008.2274: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll' [redir]
37131008.2274: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
37141008.2274: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008afde0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
37151008.2274: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8690000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
37161b5c.17e8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1096968 ms, the end);
371714b4.21c0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1097847 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy