VirtualBox

Ticket #13959: VBoxStartup-4.3.16-non-working.log

File VBoxStartup-4.3.16-non-working.log, 417.0 KB (added by mgehre, 10 years ago)
Line 
1520.1024: Log file opened: 4.3.16r95972 g_hStartupLog=00000000000000ac g_uNtVerCombined=0x611db110
2520.1024: Calling main()
3520.1024: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4520.1024: SUPR3HardenedMain: Respawn #1
5520.1024: System32: \Device\HarddiskVolume2\Windows\System32
6520.1024: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
7520.1024: ProgDir: \Device\HarddiskVolume2\Program Files
8520.1024: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
9520.1024: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
10520.1024: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
11520.1024: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
12520.1024: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
13520.1024: supR3HardNtEnableThreadCreation:
14520.1024: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076efc340 pvNtTerminateThread=0000000076f217e0
15520.1024: supR3HardenedWinDoReSpawn(1): New child 14e0.890 [kernel32].
16520.1024: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffd5000 cbPeb=0x380
17520.1024: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076ed0000 uNtDllChildAddr=0000000076ed0000
18520.1024: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=0000000076efc340 uNtTerminateThread=0000000076f217e0
19520.1024: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076efc340 pvNtTerminateThread=0000000076f217e0
20520.1024: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
21520.1024: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000200000 LB 0x1a9000
22520.1024: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
23520.1024: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000076db0000 LB 0x11f000
24520.1024: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
25520.1024: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefcf80000 LB 0x6c000
26520.1024: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 31 ms
27520.1024: supR3HardNtEnableThreadCreation:
28520.1024: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
29520.1024: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
30520.1024: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
31520.1024: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
32520.1024: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
33520.1024: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
34520.1024: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
35520.1024: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
36520.1024: 0000000000051000-fffffffffffa1fff 0x0001/0x0000 0x0000000
37520.1024: *0000000000100000-0000000000003fff 0x0000/0x0004 0x0020000
38520.1024: 00000000001fc000-00000000001f8fff 0x0104/0x0004 0x0020000
39520.1024: 00000000001ff000-00000000001fdfff 0x0004/0x0004 0x0020000
40520.1024: 0000000000200000-ffffffff8952ffff 0x0001/0x0000 0x0000000
41520.1024: *0000000076ed0000-0000000076ecefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
42520.1024: 0000000076ed1000-0000000076dcefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
43520.1024: 0000000076fd3000-0000000076fa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
44520.1024: 0000000077002000-0000000076ff9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
45520.1024: 000000007700a000-0000000077008fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
46520.1024: 000000007700b000-0000000077007fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
47520.1024: 000000007700e000-0000000076fa2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
48520.1024: 0000000077079000-000000006f111fff 0x0001/0x0000 0x0000000
49520.1024: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
50520.1024: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
51520.1024: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
52520.1024: 000000007fff0000-ffffffffc011ffff 0x0001/0x0000 0x0000000
53520.1024: *000000013fec0000-000000013febefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
54520.1024: 000000013fec1000-000000013fe41fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
55520.1024: 000000013ff40000-000000013ff3efff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
56520.1024: 000000013ff41000-000000013ff09fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
57520.1024: 000000013ff78000-000000013ff6efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
58520.1024: 000000013ff81000-000000013ff47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
59520.1024: 000000013ffba000-fffff80380d83fff 0x0001/0x0000 0x0000000
60520.1024: *000007feff1f0000-000007feff1eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
61520.1024: 000007feff1f1000-000007fdfe431fff 0x0001/0x0000 0x0000000
62520.1024: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
63520.1024: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
64520.1024: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
65520.1024: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
66520.1024: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
67520.1024: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
68520.1024: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
69520.1024: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
70520.1024: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
7114e0.890: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
7214e0.890: Calling main()
7314e0.890: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7414e0.890: System32: \Device\HarddiskVolume2\Windows\System32
7514e0.890: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
7614e0.890: ProgDir: \Device\HarddiskVolume2\Program Files
7714e0.890: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
7814e0.890: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
7914e0.890: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
8014e0.890: supR3HardenedWinInit: Startup delay kludge #2/0: 125 ms, 8 sleeps
8114e0.890: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
8214e0.890: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
8314e0.890: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
8414e0.890: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
8514e0.890: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
8614e0.890: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
8714e0.890: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
8814e0.890: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
8914e0.890: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
9014e0.890: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
9114e0.890: *0000000000060000-ffffffffffff8fff 0x0002/0x0002 0x0040000
9214e0.890: 00000000000c7000-000000000008dfff 0x0001/0x0000 0x0000000
9314e0.890: *0000000000100000-0000000000004fff 0x0000/0x0004 0x0020000
9414e0.890: 00000000001fb000-00000000001f8fff 0x0104/0x0004 0x0020000
9514e0.890: 00000000001fd000-00000000001f9fff 0x0004/0x0004 0x0020000
9614e0.890: *0000000000200000-0000000000055fff 0x0004/0x0004 0x0020000
9714e0.890: 00000000003aa000-0000000000363fff 0x0001/0x0000 0x0000000
9814e0.890: *00000000003f0000-0000000000385fff 0x0004/0x0004 0x0020000
9914e0.890: 000000000045a000-00000000003c3fff 0x0000/0x0004 0x0020000
10014e0.890: 00000000004f0000-ffffffff89c2ffff 0x0001/0x0000 0x0000000
10114e0.890: *0000000076db0000-0000000076daefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
10214e0.890: 0000000076db1000-0000000076d15fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
10314e0.890: 0000000076e4c000-0000000076dddfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
10414e0.890: 0000000076eba000-0000000076eb7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
10514e0.890: 0000000076ebc000-0000000076ea8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
10614e0.890: 0000000076ecf000-0000000076ecdfff 0x0001/0x0000 0x0000000
10714e0.890: *0000000076ed0000-0000000076ecefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
10814e0.890: 0000000076ed1000-0000000076dcefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
10914e0.890: 0000000076fd3000-0000000076fa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11014e0.890: 0000000077002000-0000000077000fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11114e0.890: 0000000077003000-0000000077001fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11214e0.890: 0000000077004000-0000000077002fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11314e0.890: 0000000077005000-0000000077002fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11414e0.890: 0000000077007000-0000000077005fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11514e0.890: 0000000077008000-0000000077006fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11614e0.890: 0000000077009000-0000000077006fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11714e0.890: 000000007700b000-0000000077009fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11814e0.890: 000000007700c000-0000000077009fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11914e0.890: 000000007700e000-0000000076fa2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12014e0.890: 0000000077079000-000000006f111fff 0x0001/0x0000 0x0000000
12114e0.890: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
12214e0.890: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
12314e0.890: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
12414e0.890: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
12514e0.890: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
12614e0.890: 000000007fff0000-ffffffffc011ffff 0x0001/0x0000 0x0000000
12714e0.890: *000000013fec0000-000000013febefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
12814e0.890: 000000013fec1000-000000013fe41fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
12914e0.890: 000000013ff40000-000000013ff3efff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13014e0.890: 000000013ff41000-000000013ff09fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13114e0.890: 000000013ff78000-000000013ff6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13214e0.890: 000000013ff81000-000000013ff47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
13314e0.890: 000000013ffba000-fffff80382ff3fff 0x0001/0x0000 0x0000000
13414e0.890: *000007fefcf80000-000007fefcf7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
13514e0.890: 000007fefcf81000-000007fefcf36fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
13614e0.890: 000007fefcfcb000-000007fefcfb4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
13714e0.890: 000007fefcfe1000-000007fefcfdefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
13814e0.890: 000007fefcfe3000-000007fefcfd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
13914e0.890: 000007fefcfec000-000007fefade7fff 0x0001/0x0000 0x0000000
14014e0.890: *000007feff1f0000-000007feff1eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
14114e0.890: 000007feff1f1000-000007fdfe431fff 0x0001/0x0000 0x0000000
14214e0.890: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
14314e0.890: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
14414e0.890: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
14514e0.890: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
14614e0.890: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
14714e0.890: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
14814e0.890: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
14914e0.890: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
15014e0.890: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
15114e0.890: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
15214e0.890: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
15314e0.890: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
15414e0.890: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
15514e0.890: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
15614e0.890: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
15714e0.890: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
15814e0.890: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
15914e0.890: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
16014e0.890: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
16114e0.890: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
16214e0.890: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
16314e0.890: *0000000000060000-ffffffffffff8fff 0x0002/0x0002 0x0040000
16414e0.890: 00000000000c7000-000000000008dfff 0x0001/0x0000 0x0000000
16514e0.890: *0000000000100000-0000000000005fff 0x0000/0x0004 0x0020000
16614e0.890: 00000000001fa000-00000000001f7fff 0x0104/0x0004 0x0020000
16714e0.890: 00000000001fc000-00000000001f7fff 0x0004/0x0004 0x0020000
16814e0.890: *0000000000200000-0000000000055fff 0x0004/0x0004 0x0020000
16914e0.890: 00000000003aa000-0000000000363fff 0x0001/0x0000 0x0000000
17014e0.890: *00000000003f0000-0000000000302fff 0x0004/0x0004 0x0020000
17114e0.890: 00000000004dd000-00000000004c9fff 0x0000/0x0004 0x0020000
17214e0.890: *00000000004f0000-00000000003f3fff 0x0004/0x0004 0x0020000
17314e0.890: 00000000005ec000-00000000005e7fff 0x0000/0x0004 0x0020000
17414e0.890: *00000000005f0000-0000000000581fff 0x0004/0x0004 0x0020000
17514e0.890: 000000000065e000-00000000004cbfff 0x0000/0x0004 0x0020000
17614e0.890: *00000000007f0000-00000000006cffff 0x0004/0x0004 0x0020000
17714e0.890: 0000000000910000-ffffffff8a46ffff 0x0001/0x0000 0x0000000
17814e0.890: *0000000076db0000-0000000076daefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
17914e0.890: 0000000076db1000-0000000076d15fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
18014e0.890: 0000000076e4c000-0000000076dddfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
18114e0.890: 0000000076eba000-0000000076eb7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
18214e0.890: 0000000076ebc000-0000000076ea8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
18314e0.890: 0000000076ecf000-0000000076ecdfff 0x0001/0x0000 0x0000000
18414e0.890: *0000000076ed0000-0000000076ecefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
18514e0.890: 0000000076ed1000-0000000076dcefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
18614e0.890: 0000000076fd3000-0000000076fa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
18714e0.890: 0000000077002000-0000000077000fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
18814e0.890: 0000000077003000-0000000077001fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
18914e0.890: 0000000077004000-0000000077002fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19014e0.890: 0000000077005000-0000000077002fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19114e0.890: 0000000077007000-0000000077005fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19214e0.890: 0000000077008000-0000000077006fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19314e0.890: 0000000077009000-0000000077006fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19414e0.890: 000000007700b000-0000000077009fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19514e0.890: 000000007700c000-0000000077009fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19614e0.890: 000000007700e000-0000000076fa2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
19714e0.890: 0000000077079000-0000000077071fff 0x0001/0x0000 0x0000000
19814e0.890: *0000000077080000-000000007707efff 0x0004/0x0004 0x0020000
19914e0.890: 0000000077081000-000000006f121fff 0x0001/0x0000 0x0000000
20014e0.890: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
20114e0.890: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
20214e0.890: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
20314e0.890: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
20414e0.890: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
20514e0.890: 000000007fff0000-ffffffffc011ffff 0x0001/0x0000 0x0000000
20614e0.890: *000000013fec0000-000000013febefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20714e0.890: 000000013fec1000-000000013fe40fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20814e0.890: 000000013ff41000-000000013ff09fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
20914e0.890: 000000013ff78000-000000013ff6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
21014e0.890: 000000013ff81000-000000013ff47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
21114e0.890: 000000013ffba000-fffff80382ff3fff 0x0001/0x0000 0x0000000
21214e0.890: *000007fefcf80000-000007fefcf7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
21314e0.890: 000007fefcf81000-000007fefcf36fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
21414e0.890: 000007fefcfcb000-000007fefcfb4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
21514e0.890: 000007fefcfe1000-000007fefcfdefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
21614e0.890: 000007fefcfe3000-000007fefcfd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
21714e0.890: 000007fefcfec000-000007fefade7fff 0x0001/0x0000 0x0000000
21814e0.890: *000007feff1f0000-000007feff1eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
21914e0.890: 000007feff1f1000-000007fdfe431fff 0x0001/0x0000 0x0000000
22014e0.890: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
22114e0.890: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
22214e0.890: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
22314e0.890: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
22414e0.890: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
22514e0.890: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
22614e0.890: SUPR3HardenedMain: Respawn #2
22714e0.890: supR3HardNtEnableThreadCreation:
22814e0.890: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
22914e0.890: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
23014e0.890: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
23114e0.890: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
23214e0.890: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcad0000 'C:\Windows\system32\apphelp.dll'
23314e0.890: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076efc340 pvNtTerminateThread=0000000076f217e0
23414e0.890: supR3HardenedWinDoReSpawn(2): New child 1684.160c [kernel32].
23514e0.890: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffdb000 cbPeb=0x380
23614e0.890: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000076ed0000 uNtDllChildAddr=0000000076ed0000
23714e0.890: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=0000000076efc340 uNtTerminateThread=0000000076f217e0
23814e0.890: supR3HardNtDisableThreadCreation: pvLdrInitThunk=0000000076efc340 pvNtTerminateThread=0000000076f217e0
23914e0.890: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
24014e0.890: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll)
24114e0.890: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
24214e0.890: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
24314e0.890: supR3HardNtPuChTriggerInitialImageEvents: ntdll.dll[2nd] mapped at 0000000000250000 LB 0x1a9000
24414e0.890: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
24514e0.890: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
24614e0.890: supR3HardNtPuChTriggerInitialImageEvents: mapping view of kernel32.dll
24714e0.890: supR3HardNtPuChTriggerInitialImageEvents: kernel32.dll mapped at 0000000076db0000 LB 0x11f000
24814e0.890: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
24914e0.890: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
25014e0.890: supR3HardNtPuChTriggerInitialImageEvents: mapping view of KernelBase.dll
25114e0.890: supR3HardNtPuChTriggerInitialImageEvents: KernelBase.dll mapped at 000007fefcf80000 LB 0x6c000
25214e0.890: supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: 32 ms
25314e0.890: supR3HardNtEnableThreadCreation:
25414e0.890: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
25514e0.890: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
25614e0.890: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
25714e0.890: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
25814e0.890: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
25914e0.890: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
26014e0.890: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
26114e0.890: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
26214e0.890: 0000000000051000-fffffffffff51fff 0x0001/0x0000 0x0000000
26314e0.890: *0000000000150000-0000000000053fff 0x0000/0x0004 0x0020000
26414e0.890: 000000000024c000-0000000000248fff 0x0104/0x0004 0x0020000
26514e0.890: 000000000024f000-000000000024dfff 0x0004/0x0004 0x0020000
26614e0.890: 0000000000250000-ffffffff895cffff 0x0001/0x0000 0x0000000
26714e0.890: *0000000076ed0000-0000000076ecefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
26814e0.890: 0000000076ed1000-0000000076dcefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
26914e0.890: 0000000076fd3000-0000000076fa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27014e0.890: 0000000077002000-0000000076ff9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27114e0.890: 000000007700a000-0000000077008fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27214e0.890: 000000007700b000-0000000077007fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27314e0.890: 000000007700e000-0000000076fa2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
27414e0.890: 0000000077079000-000000006f111fff 0x0001/0x0000 0x0000000
27514e0.890: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
27614e0.890: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
27714e0.890: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
27814e0.890: 000000007fff0000-ffffffffc011ffff 0x0001/0x0000 0x0000000
27914e0.890: *000000013fec0000-000000013febefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
28014e0.890: 000000013fec1000-000000013fe41fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
28114e0.890: 000000013ff40000-000000013ff3efff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
28214e0.890: 000000013ff41000-000000013ff09fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
28314e0.890: 000000013ff78000-000000013ff6efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
28414e0.890: 000000013ff81000-000000013ff47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
28514e0.890: 000000013ffba000-fffff80380d83fff 0x0001/0x0000 0x0000000
28614e0.890: *000007feff1f0000-000007feff1eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
28714e0.890: 000007feff1f1000-000007fdfe431fff 0x0001/0x0000 0x0000000
28814e0.890: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
28914e0.890: 000007fffffd3000-000007fffffcafff 0x0001/0x0000 0x0000000
29014e0.890: *000007fffffdb000-000007fffffd9fff 0x0004/0x0004 0x0020000
29114e0.890: 000007fffffdc000-000007fffffd9fff 0x0001/0x0000 0x0000000
29214e0.890: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
29314e0.890: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2941684.160c: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
2951684.160c: Calling main()
2961684.160c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2971684.160c: System32: \Device\HarddiskVolume2\Windows\System32
2981684.160c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
2991684.160c: ProgDir: \Device\HarddiskVolume2\Program Files
3001684.160c: ComDir: \Device\HarddiskVolume2\Program Files\Common Files
3011684.160c: ProgDir32: \Device\HarddiskVolume2\Program Files (x86)
3021684.160c: ComDir32: \Device\HarddiskVolume2\Program Files (x86)\Common Files
3031684.160c: supR3HardenedWinInit: Startup delay kludge #2/0: 124 ms, 8 sleeps
3041684.160c: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
3051684.160c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
3061684.160c: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
3071684.160c: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
3081684.160c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3091684.160c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3101684.160c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3111684.160c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
3121684.160c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
3131684.160c: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
3141684.160c: *0000000000060000-ffffffffffff8fff 0x0002/0x0002 0x0040000
3151684.160c: 00000000000c7000-000000000003dfff 0x0001/0x0000 0x0000000
3161684.160c: *0000000000150000-0000000000054fff 0x0000/0x0004 0x0020000
3171684.160c: 000000000024b000-0000000000248fff 0x0104/0x0004 0x0020000
3181684.160c: 000000000024d000-0000000000249fff 0x0004/0x0004 0x0020000
3191684.160c: 0000000000250000-00000000001affff 0x0001/0x0000 0x0000000
3201684.160c: *00000000002f0000-0000000000285fff 0x0004/0x0004 0x0020000
3211684.160c: 000000000035a000-00000000002c3fff 0x0000/0x0004 0x0020000
3221684.160c: *00000000003f0000-0000000000245fff 0x0004/0x0004 0x0020000
3231684.160c: 000000000059a000-ffffffff89d83fff 0x0001/0x0000 0x0000000
3241684.160c: *0000000076db0000-0000000076daefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3251684.160c: 0000000076db1000-0000000076d15fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3261684.160c: 0000000076e4c000-0000000076dddfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3271684.160c: 0000000076eba000-0000000076eb7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3281684.160c: 0000000076ebc000-0000000076ea8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3291684.160c: 0000000076ecf000-0000000076ecdfff 0x0001/0x0000 0x0000000
3301684.160c: *0000000076ed0000-0000000076ecefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3311684.160c: 0000000076ed1000-0000000076dcefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3321684.160c: 0000000076fd3000-0000000076fa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3331684.160c: 0000000077002000-0000000077000fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3341684.160c: 0000000077003000-0000000077001fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3351684.160c: 0000000077004000-0000000077002fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3361684.160c: 0000000077005000-0000000077002fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3371684.160c: 0000000077007000-0000000077005fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3381684.160c: 0000000077008000-0000000077006fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3391684.160c: 0000000077009000-0000000077006fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3401684.160c: 000000007700b000-0000000077009fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3411684.160c: 000000007700c000-0000000077009fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3421684.160c: 000000007700e000-0000000076fa2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3431684.160c: 0000000077079000-000000006f111fff 0x0001/0x0000 0x0000000
3441684.160c: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
3451684.160c: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
3461684.160c: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
3471684.160c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
3481684.160c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
3491684.160c: 000000007fff0000-ffffffffc011ffff 0x0001/0x0000 0x0000000
3501684.160c: *000000013fec0000-000000013febefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3511684.160c: 000000013fec1000-000000013fe41fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3521684.160c: 000000013ff40000-000000013ff3efff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3531684.160c: 000000013ff41000-000000013ff09fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3541684.160c: 000000013ff78000-000000013ff6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3551684.160c: 000000013ff81000-000000013ff47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
3561684.160c: 000000013ffba000-fffff80382ff3fff 0x0001/0x0000 0x0000000
3571684.160c: *000007fefcf80000-000007fefcf7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3581684.160c: 000007fefcf81000-000007fefcf36fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3591684.160c: 000007fefcfcb000-000007fefcfb4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3601684.160c: 000007fefcfe1000-000007fefcfdefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3611684.160c: 000007fefcfe3000-000007fefcfd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3621684.160c: 000007fefcfec000-000007fefade7fff 0x0001/0x0000 0x0000000
3631684.160c: *000007feff1f0000-000007feff1eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
3641684.160c: 000007feff1f1000-000007fdfe431fff 0x0001/0x0000 0x0000000
3651684.160c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
3661684.160c: 000007fffffd3000-000007fffffcafff 0x0001/0x0000 0x0000000
3671684.160c: *000007fffffdb000-000007fffffd9fff 0x0004/0x0004 0x0020000
3681684.160c: 000007fffffdc000-000007fffffd9fff 0x0001/0x0000 0x0000000
3691684.160c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
3701684.160c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
3711684.160c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3721684.160c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
3731684.160c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
3741684.160c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3751684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3761684.160c: supHardNtVpScanVirtualMemory: enmKind=VERIFY_ONLY
3771684.160c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
3781684.160c: *0000000000010000-ffffffffffffffff 0x0004/0x0004 0x0040000
3791684.160c: 0000000000020000-000000000000ffff 0x0001/0x0000 0x0000000
3801684.160c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3811684.160c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3821684.160c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3831684.160c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
3841684.160c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
3851684.160c: 0000000000051000-0000000000041fff 0x0001/0x0000 0x0000000
3861684.160c: *0000000000060000-ffffffffffff8fff 0x0002/0x0002 0x0040000
3871684.160c: 00000000000c7000-000000000003dfff 0x0001/0x0000 0x0000000
3881684.160c: *0000000000150000-0000000000055fff 0x0000/0x0004 0x0020000
3891684.160c: 000000000024a000-0000000000247fff 0x0104/0x0004 0x0020000
3901684.160c: 000000000024c000-0000000000247fff 0x0004/0x0004 0x0020000
3911684.160c: 0000000000250000-00000000001affff 0x0001/0x0000 0x0000000
3921684.160c: *00000000002f0000-0000000000202fff 0x0004/0x0004 0x0020000
3931684.160c: 00000000003dd000-00000000003c9fff 0x0000/0x0004 0x0020000
3941684.160c: *00000000003f0000-0000000000245fff 0x0004/0x0004 0x0020000
3951684.160c: 000000000059a000-0000000000593fff 0x0001/0x0000 0x0000000
3961684.160c: *00000000005a0000-00000000004a3fff 0x0004/0x0004 0x0020000
3971684.160c: 000000000069c000-0000000000697fff 0x0000/0x0004 0x0020000
3981684.160c: *00000000006a0000-0000000000631fff 0x0004/0x0004 0x0020000
3991684.160c: 000000000070e000-000000000057bfff 0x0000/0x0004 0x0020000
4001684.160c: *00000000008a0000-000000000077ffff 0x0004/0x0004 0x0020000
4011684.160c: 00000000009c0000-ffffffff8a5cffff 0x0001/0x0000 0x0000000
4021684.160c: *0000000076db0000-0000000076daefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
4031684.160c: 0000000076db1000-0000000076d15fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
4041684.160c: 0000000076e4c000-0000000076dddfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
4051684.160c: 0000000076eba000-0000000076eb7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
4061684.160c: 0000000076ebc000-0000000076ea8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
4071684.160c: 0000000076ecf000-0000000076ecdfff 0x0001/0x0000 0x0000000
4081684.160c: *0000000076ed0000-0000000076ecefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4091684.160c: 0000000076ed1000-0000000076dcefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4101684.160c: 0000000076fd3000-0000000076fa3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4111684.160c: 0000000077002000-0000000077000fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4121684.160c: 0000000077003000-0000000077001fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4131684.160c: 0000000077004000-0000000077002fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4141684.160c: 0000000077005000-0000000077002fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4151684.160c: 0000000077007000-0000000077005fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4161684.160c: 0000000077008000-0000000077006fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4171684.160c: 0000000077009000-0000000077006fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4181684.160c: 000000007700b000-0000000077009fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4191684.160c: 000000007700c000-0000000077009fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4201684.160c: 000000007700e000-0000000076fa2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4211684.160c: 0000000077079000-0000000077071fff 0x0001/0x0000 0x0000000
4221684.160c: *0000000077080000-000000007707efff 0x0004/0x0004 0x0020000
4231684.160c: 0000000077081000-000000006f121fff 0x0001/0x0000 0x0000000
4241684.160c: *000000007efe0000-000000007efdafff 0x0002/0x0002 0x0040000
4251684.160c: 000000007efe5000-000000007eee9fff 0x0000/0x0002 0x0040000
4261684.160c: *000000007f0e0000-000000007e1dffff 0x0000/0x0002 0x0020000
4271684.160c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
4281684.160c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
4291684.160c: 000000007fff0000-ffffffffc011ffff 0x0001/0x0000 0x0000000
4301684.160c: *000000013fec0000-000000013febefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4311684.160c: 000000013fec1000-000000013fe40fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4321684.160c: 000000013ff41000-000000013ff09fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4331684.160c: 000000013ff78000-000000013ff6efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4341684.160c: 000000013ff81000-000000013ff47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4351684.160c: 000000013ffba000-fffff80382ff3fff 0x0001/0x0000 0x0000000
4361684.160c: *000007fefcf80000-000007fefcf7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4371684.160c: 000007fefcf81000-000007fefcf36fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4381684.160c: 000007fefcfcb000-000007fefcfb4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4391684.160c: 000007fefcfe1000-000007fefcfdefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4401684.160c: 000007fefcfe3000-000007fefcfd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
4411684.160c: 000007fefcfec000-000007fefade7fff 0x0001/0x0000 0x0000000
4421684.160c: *000007feff1f0000-000007feff1eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
4431684.160c: 000007feff1f1000-000007fdfe431fff 0x0001/0x0000 0x0000000
4441684.160c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
4451684.160c: 000007fffffd3000-000007fffffcafff 0x0001/0x0000 0x0000000
4461684.160c: *000007fffffdb000-000007fffffd9fff 0x0004/0x0004 0x0020000
4471684.160c: 000007fffffdc000-000007fffffd9fff 0x0001/0x0000 0x0000000
4481684.160c: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
4491684.160c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
4501684.160c: SUPR3HardenedMain: Final process, opening VBoxDrv...
4511684.160c: supR3HardNtEnableThreadCreation:
4521684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000003dcf90:C:\Windows\system32
4531684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
4541684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
4551684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4561684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
4571684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4581684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa030000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4591684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
4601684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4611684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa030000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4621684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa030000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4631684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=00000000003dcf90:C:\Windows\system32
4641684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4651684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
4661684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4671684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
4681684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
4691684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
4701684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4711684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
4721684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
4731684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
4741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4751684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
4761684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
4771684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
4781684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4791684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
4801684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4811684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
4821684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
4831684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
4841684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4851684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
4861684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
4871684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
4881684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
4901684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4911684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
4931684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4941684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4951684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf20000 'C:\Windows\system32\Wintrust.dll'
4961684.160c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
4971684.160c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
4981684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
4991684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
5001684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5011684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc490000 'C:\Windows\system32\CRYPTSP.dll'
5021684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5031684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5041684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
5051684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
5061684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5071684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5081684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5091684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5101684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc190000 'C:\Windows\system32\rsaenh.dll'
5111684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5121684.160c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
5131684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5141684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
5151684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
5161684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
5171684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5181684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
5191684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5201684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5211684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5221684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5231684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5241684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
5251684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
5261684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
5271684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
5281684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6e0000 'C:\Windows\system32\ADVAPI32.dll'
5291684.160c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5301684.160c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\Windows\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
5311684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
5321684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
5331684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5341684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
5351684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5361684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5371684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5381684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5391684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5401684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb30000 'C:\Windows\system32\CRYPTBASE.dll'
5411684.160c: supR3HardenedMonitor_LdrLoadDll: pName=kernel32.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5421684.160c: supR3HardenedMonitor_LdrLoadDll: 'kernel32.dll' -> 'C:\Windows\system32\kernel32.dll' [rcNt=0xc0150008]
5431684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
5441684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
5451684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076db0000 'C:\Windows\system32\kernel32.dll'
5461684.160c: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5471684.160c: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
5481684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5491684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf20000 'C:\Windows\system32\WINTRUST.DLL'
5501684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5511684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5521684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdb0000 'C:\Windows\system32\CRYPT32.dll'
5531684.160c: supR3HardenedMonitor_LdrLoadDll: pName=imagehlp.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5541684.160c: supR3HardenedMonitor_LdrLoadDll: 'imagehlp.dll' -> 'C:\Windows\system32\imagehlp.dll' [rcNt=0xc0150008]
5551684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5561684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
5571684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
5581684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
5591684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
5601684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
5611684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
5621684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5631684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
5641684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5651684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
5661684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe090000 'C:\Windows\system32\imagehlp.dll'
5671684.160c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5681684.160c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
5691684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5701684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc490000 'C:\Windows\system32\CRYPTSP.dll'
5711684.160c: supR3HardenedMonitor_LdrLoadDll: pName=USER32.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
5721684.160c: supR3HardenedMonitor_LdrLoadDll: 'USER32.dll' -> 'C:\Windows\system32\USER32.dll' [rcNt=0xc0150008]
5731684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
5741684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
5751684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
5761684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5771684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
5781684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
5791684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
5801684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
5811684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
5821684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
5831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
5841684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
5851684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
5861684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
5871684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
5881684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
5891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5901684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
5911684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
5921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
5931684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
5941684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5951684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
5961684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
5971684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
5981684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
5991684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6001684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6011684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6021684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6031684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6041684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6051684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6061684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6071684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6081684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6091684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6101684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6111684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6121684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
6131684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6141684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6151684.160c: supR3HardenedMonitor_LdrLoadDll: pName=gdi32.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
6161684.160c: supR3HardenedMonitor_LdrLoadDll: 'gdi32.dll' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
6171684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6181684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe810000 'C:\Windows\system32\gdi32.dll'
6191684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
6201684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
6211684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
6221684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
6231684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
6241684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
6251684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
6261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
6271684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6281684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
6291684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
6301684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
6311684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
6321684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
6331684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6341684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6351684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6361684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6371684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6381684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6391684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
6401684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
6411684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6421684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
6431684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
6441684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
6451684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6461684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6471684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6481684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6491684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
6501684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6511684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
6521684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0b0000 'C:\Windows\system32\IMM32.DLL'
6531684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
6541684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
6551684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
6561684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti)
6571684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti
6581684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6591684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6601684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6611684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
6621684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\psapi.dll'
6631684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\psapi.dll)
6641684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\psapi.dll
6651684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
6661684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
6671684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti)
6681684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ntdll.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
6691684.160c: supR3HardenedMonitor_LdrLoadDll: 'ntdll.dll' -> 'C:\Windows\system32\ntdll.dll' [rcNt=0xc0150008]
6701684.160c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
6711684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll)
6721684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6731684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
6741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
6751684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
6761684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
6771684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\psapi.dll'
6781684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\psapi.dll [lacks WinVerifyTrust]
6791684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076ed0000 'C:\Windows\system32\ntdll.dll'
6801684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000749f0000 'C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL'
6811684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\USER32.dll'
6821684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ncrypt.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
6831684.160c: supR3HardenedMonitor_LdrLoadDll: 'ncrypt.dll' -> 'C:\Windows\system32\ncrypt.dll' [rcNt=0xc0150008]
6841684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
6851684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
6861684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
6871684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
6881684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
6891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6901684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
6911684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6931684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
6941684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6951684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6961684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
6971684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
6981684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
6991684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
7001684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7011684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc6c0000 'C:\Windows\system32\ncrypt.dll'
7021684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7031684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
7041684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
7051684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
7061684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
7071684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
7081684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
7091684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7101684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7111684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
7121684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7131684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
7141684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc0d0000 'C:\Windows\system32\bcryptprimitives.dll'
7151684.160c: supR3HardenedMonitor_LdrLoadDll: pName=bcrypt.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7161684.160c: supR3HardenedMonitor_LdrLoadDll: 'bcrypt.dll' -> 'C:\Windows\system32\bcrypt.dll' [rcNt=0xc0150008]
7171684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7181684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc690000 'C:\Windows\system32\bcrypt.dll'
7191684.160c: supR3HardenedMonitor_LdrLoadDll: pName=USERENV.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7201684.160c: supR3HardenedMonitor_LdrLoadDll: 'USERENV.dll' -> 'C:\Windows\system32\USERENV.dll' [rcNt=0xc0150008]
7211684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7221684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
7231684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
7241684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
7251684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
7261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
7271684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
7281684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7291684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
7301684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
7311684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7321684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
7331684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7341684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7351684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7361684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7371684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7381684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7391684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7401684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
7411684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf60000 'C:\Windows\system32\USERENV.dll'
7421684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7431684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7441684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7451684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7461684.160c: supR3HardenedMonitor_LdrLoadDll: pName=GPAPI.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7471684.160c: supR3HardenedMonitor_LdrLoadDll: 'GPAPI.dll' -> 'C:\Windows\system32\GPAPI.dll' [rcNt=0xc0150008]
7481684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7491684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
7501684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
7511684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
7521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7531684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
7541684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7551684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7561684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7571684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7581684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7591684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefbf40000 'C:\Windows\system32\GPAPI.dll'
7601684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7611684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
7621684.160c: supR3HardenedMonitor_LdrLoadDll: pName=rpcrt4.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7631684.160c: supR3HardenedMonitor_LdrLoadDll: 'rpcrt4.dll' -> 'C:\Windows\system32\rpcrt4.dll' [rcNt=0xc0150008]
7641684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7651684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe920000 'C:\Windows\system32\rpcrt4.dll'
7661684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7671684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
7681684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7691684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
7701684.160c: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7711684.160c: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
7721684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7731684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
7741684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
7751684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
7761684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
7771684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
7781684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
7791684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll'
7801684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7811684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
7821684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
7831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7841684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
7851684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7861684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7871684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
7881684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7901684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7911684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7931684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
7941684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7951684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7961684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
7971684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7981684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
7991684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8001684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8011684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8021684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8031684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8041684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8051684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8061684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8071684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8081684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8091684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8101684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8111684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8121684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8131684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8141684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8151684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8161684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8171684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8181684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8191684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8201684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8211684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8221684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8231684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8241684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8251684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8261684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll *pfFlags=0x1002 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8271684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8281684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8291684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8301684.160c: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8311684.160c: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
8321684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8331684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
8341684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8351684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8361684.160c: supR3HardenedMonitor_LdrLoadDll: pName=profapi.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8371684.160c: supR3HardenedMonitor_LdrLoadDll: 'profapi.dll' -> 'C:\Windows\system32\profapi.dll' [rcNt=0xc0150008]
8381684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
8391684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcca0000 'C:\Windows\system32\profapi.dll'
8401684.160c: supR3HardenedMonitor_LdrLoadDll: pName=SHLWAPI.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8411684.160c: supR3HardenedMonitor_LdrLoadDll: 'SHLWAPI.dll' -> 'C:\Windows\system32\SHLWAPI.dll' [rcNt=0xc0150008]
8421684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
8431684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
8441684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
8451684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
8461684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
8471684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8481684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
8491684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8501684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8511684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
8521684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
8531684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8541684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
8551684.160c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8561684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
8571684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5c0000 'C:\Windows\system32\SHLWAPI.dll'
8581684.160c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\SystemRoot\System32\ntdll.dll'
8591684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8601684.160c: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000006d0730
8611684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
8621684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=771D512B7B1C39F0393BD4EF9FC62F442783FB35
8631684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8641684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
8651684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8661684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
8671684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8681684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
8691684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8701684.160c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
8711684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8721684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6e0000 'C:\Windows\system32\ADVAPI32.dll'
8731684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8741684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8751684.160c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
8761684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
8771684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
8781684.160c: g_pfnWinVerifyTrust=000007fefcf21010
8791684.160c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8801684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
8811684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
8821684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
8831684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B757256DD06374F77FF8DC61E1FEC0E93F3DF2F3
8841684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_192_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
8851684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8861684.160c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
8871684.160c: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8881684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
8891684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
8901684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
8911684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9D66460DAFA96F2CF96829A002753DECB7ED7CF
8921684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
8931684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8941684.160c: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
8951684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
8961684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
8971684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
8981684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
8991684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
9001684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9011684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
9021684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
9031684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9041684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9051684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
9061684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
9071684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9081684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
9091684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
9101684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9111684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9121684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2545617940C2A353D1E2B307B3C55DF27B1EEBE9
9131684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
9141684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9151684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
9161684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000260 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
9171684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9181684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9191684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
9201684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
9211684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9221684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
9231684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001cc pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
9241684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9251684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9261684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
9271684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
9281684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9291684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
9301684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c8 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
9311684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9321684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9331684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
9341684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
9351684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9361684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
9371684.160c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
9381684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
9391684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
9401684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9411684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9421684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
9431684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
9441684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9451684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
9461684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
9471684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9481684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9491684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=90FE6266BB1F23D28B30196102D9B13306941D8B
9501684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB3046049~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
9511684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9521684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
9531684.160c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\Windows\System32\ntdll.dll'
9541684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ntdll.dll'
9551684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume2\Windows\System32\psapi.dll
9561684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9571684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9581684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=561BAAB249C395B66D294444DF251EDB701DB607
9591684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\psapi.dll'
9601684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9611684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\psapi.dll'
9621684.160c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti'
9631684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files (x86)\Sophos\Sophos Anti'
9641684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
9651684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9661684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9671684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
9681684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
9691684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9701684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
9711684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
9721684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9731684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9741684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
9751684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
9761684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9771684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
9781684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
9791684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9801684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9811684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1F1AA8340DE02FC1B6341EE2706E55D56EDF63B8
9821684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2957509~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
9831684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9841684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
9851684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
9861684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9871684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9881684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A9BD2F77F6F16827206A18B4C9CB5FCFA62A60CF
9891684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3032323~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
9901684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9911684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
9921684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
9931684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
9941684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
9951684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AEB59C2353484ADF282BEA358113ABD82C223B9
9961684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2993651~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
9971684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9981684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
9991684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
10001684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10011684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10021684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B723D1B8AD72750B0CF5F6BEC66171B1254ED879
10031684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
10041684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10051684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
10061684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000160 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
10071684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10081684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10091684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
10101684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
10111684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10121684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
10131684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000015c pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
10141684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10151684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10161684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5349346AE66DA4E3A7206628F484AC3B3AA43776
10171684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB2922229~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
10181684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10191684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
10201684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000118 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
10211684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10221684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10231684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
10241684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
10251684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10261684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
10271684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000010c pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
10281684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10291684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10301684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
10311684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
10321684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10331684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
10341684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000100 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
10351684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10361684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10371684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7C0A1C638CE7C1160F49C473EC1420BD3AB693C4
10381684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB2882822~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
10391684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10401684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
10411684.160c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
10421684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: -22919 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
10431684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000fc pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
10441684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10451684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10461684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
10471684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
10481684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10491684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
10501684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
10511684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10521684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10531684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
10541684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
10551684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10561684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
10571684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
10581684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10591684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10601684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
10611684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
10621684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10631684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
10641684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d0 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
10651684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
10661684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
10671684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03E871CFC4A3E7194619AFC99CEEA1EC75982D12
10681684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2978668~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
10691684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
10701684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
10711684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
10721684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=00000000005c9630:C:\Windows\system32
10731684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
10741684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdb0000 'C:\Windows\system32\crypt32.dll'
10751684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
10761684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
10771684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
10781684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
10791684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
10801684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
10811684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
10821684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
10831684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
10841684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
10851684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
10861684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
10871684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
10881684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
10891684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
10901684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
10911684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
10921684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
10931684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
10941684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
10951684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
10961684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
10971684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
10981684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
10991684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x7e99244fccd3c200 CN=uranus.sarlupe.ohb-system.de
11001684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xe50ce9c3e41ebb00 CN=SAFEGUARDSRV02.ohb-system.de, OU=Sophos SafeGuard® Certificate
11011684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xb4523b93f2f2c400 DC=de, DC=ohb-system, CN=ohb-system-CA
11021684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0x4cbee9ece695cc00 DC=de, DC=ohb-system, CN=ohb-system-BESTA-CA
11031684.160c: supR3HardenedWinIsDesiredRootCA: Adding 0xb4523b93f2f2c400 DC=de, DC=ohb-system, CN=ohb-system-CA
11041684.160c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=29
11051684.160c: SUPR3HardenedMain: Load Runtime...
11061684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
11071684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
11081684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
11091684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
11101684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
11111684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll)WinVerifyTrust
11121684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11131684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11141684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
11151684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
11161684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
11171684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
11181684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f8 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
11191684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
11201684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
11211684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
11221684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
11231684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11241684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11251684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
11261684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
11271684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll)WinVerifyTrust
11281684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
11291684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
11301684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
11311684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
11321684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll)WinVerifyTrust
11331684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
11341684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11351684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
11361684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)WinVerifyTrust
11371684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
11381684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11391684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
11401684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
11411684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
11421684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
11431684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000430 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
11441684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
11451684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
11461684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
11471684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
11481684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11491684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)WinVerifyTrust
11501684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
11511684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
11531684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
11541684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11551684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
11561684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
11571684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11581684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
11591684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
11601684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11611684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11621684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11631684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11641684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11651684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11661684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11671684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11681684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11691684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11701684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11711684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11721684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11731684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11741684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11751684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11761684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11771684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11781684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11791684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11801684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11811684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11821684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11831684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11841684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11851684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11861684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11871684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11881684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11891684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11901684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11911684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11921684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11931684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11941684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11951684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11961684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
11971684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11981684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11991684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12001684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12011684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12021684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12031684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12041684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12051684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12061684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12071684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12081684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12091684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12101684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12111684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12121684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12131684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12141684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12151684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12161684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12171684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12181684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12191684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12201684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12211684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12221684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12231684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12241684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12251684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12261684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12271684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12281684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12291684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12301684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12311684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12321684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12331684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12341684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12351684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12361684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12371684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12381684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12391684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12401684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12411684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12421684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12431684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12441684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12451684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12461684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12471684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12481684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12491684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12501684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12511684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12521684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12531684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll *pfFlags=0x0 pwszSearchPath=00000000003512f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Python33\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\KONICA MINOLTA\PageScope Box Operator3\;C:\Program Files\TortoiseGit\bin;C:\Program Files (x86)\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\TortoiseSVN\bin
12541684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12551684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12561684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea900000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12571684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll *pfFlags=0x0 pwszSearchPath=00000000005c5830:C:\Windows\system32
12581684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
12591684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf20000 'C:\Windows\system32\Wintrust.dll'
12601684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll *pfFlags=0x0 pwszSearchPath=00000000005c5830:C:\Windows\system32
12611684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
12621684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdb0000 'C:\Windows\system32\crypt32.dll'
12631684.160c: SUPR3HardenedMain: Load TrustedMain...
12641684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
12651684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
12661684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
12671684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
12681684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
12691684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
12701684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
12711684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
12721684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
12731684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
12741684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
12751684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
12761684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
12771684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
12781684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
12791684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
12801684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
12811684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll)WinVerifyTrust
12821684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
12831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
12841684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
12851684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a0 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
12861684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
12871684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
12881684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
12891684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
12901684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12911684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
12921684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
12931684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll)WinVerifyTrust
12941684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
12951684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
12961684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
12971684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000047c pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
12981684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
12991684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
13001684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
13011684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
13021684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13031684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13041684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
13051684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13061684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
13071684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
13081684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
13091684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll)WinVerifyTrust
13101684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
13111684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13121684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
13131684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ac pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
13141684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
13151684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
13161684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=59C9A3379D97CB80EFB9D9152AF4E0240DDF8B29
13171684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3006226~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
13181684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13191684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
13201684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
13211684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
13221684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
13231684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
13241684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll)WinVerifyTrust
13251684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
13261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13271684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
13281684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
13291684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
13301684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
13311684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
13321684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
13331684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13341684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13351684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
13361684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
13371684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
13381684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll)WinVerifyTrust
13391684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
13401684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13411684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
13421684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000494 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
13431684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
13441684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
13451684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0ED534A13973A0F8A98CD4EDC6CBC56E0448E994
13461684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3039066~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
13471684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13481684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13491684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
13501684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
13511684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
13521684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)WinVerifyTrust
13531684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
13541684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13551684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
13561684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
13571684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13581684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
13591684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
13601684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13611684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
13621684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
13631684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
13641684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll'
13651684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
13661684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
13671684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
13681684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
13691684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
13701684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
13711684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll)WinVerifyTrust
13721684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
13731684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
13741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll'
13751684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
13761684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
13771684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
13781684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll)WinVerifyTrust
13791684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
13801684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
13811684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
13821684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
13831684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
13841684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
13851684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
13861684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
13871684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
13881684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
13891684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
13901684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
13911684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
13921684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
13931684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
13941684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
13951684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)WinVerifyTrust
13961684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
13971684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
13981684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
13991684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14001684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
14011684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
14021684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
14031684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14041684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14051684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)WinVerifyTrust
14061684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
14071684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14081684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
14091684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14101684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14111684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
14121684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14131684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
14141684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
14151684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
14161684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14171684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
14181684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004dc pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
14191684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
14201684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
14211684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
14221684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
14231684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14241684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14251684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
14261684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
14271684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
14281684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
14291684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
14301684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)WinVerifyTrust
14311684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
14321684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14331684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
14341684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
14351684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
14361684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
14371684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
14381684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
14391684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
14401684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
14411684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
14421684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14431684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14441684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14451684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
14461684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
14471684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
14481684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
14491684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)WinVerifyTrust
14501684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
14511684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
14521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll'
14531684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a8 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
14541684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
14551684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
14561684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
14571684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
14581684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
14591684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14601684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
14611684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14621684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)WinVerifyTrust
14631684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
14641684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14651684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
14661684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
14671684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14681684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
14691684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
14701684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14711684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
14721684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
14731684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
14751684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14761684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14771684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
14781684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14791684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14801684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
14811684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
14821684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
14841684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
14851684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14861684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
14871684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
14881684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
14901684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
14911684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
14931684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14941684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14951684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
14961684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14971684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
14981684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
14991684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
15001684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15011684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
15021684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
15031684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15041684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
15051684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
15061684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15071684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
15081684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
15091684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15101684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
15111684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
15121684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
15131684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv'
15141684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c4 pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
15151684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
15161684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
15171684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
15181684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
15191684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15201684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15211684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
15221684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
15231684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv)WinVerifyTrust
15241684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
15251684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
15261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll'
15271684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
15281684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
15291684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
15301684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
15311684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
15321684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
15331684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
15341684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
15351684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
15361684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
15371684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15381684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
15391684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
15401684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15411684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
15421684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
15431684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
15441684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
15451684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
15461684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
15471684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
15481684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
15491684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15501684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
15511684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
15521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
15531684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
15541684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
15551684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
15561684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
15571684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
15581684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15591684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
15601684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
15611684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15621684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
15631684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
15641684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15651684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
15661684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
15671684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15681684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
15691684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
15701684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15711684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
15721684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
15731684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
15741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
15751684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
15761684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15771684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
15781684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
15791684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15801684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
15811684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
15821684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
15841684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
15851684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15861684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
15871684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
15881684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
15901684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
15911684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
15931684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
15941684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15951684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
15961684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
15971684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15981684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
15991684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
16001684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16011684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
16021684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16031684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16041684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
16051684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
16061684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
16071684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
16081684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
16091684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
16101684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
16111684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
16121684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
16131684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
16141684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
16151684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
16161684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16171684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
16181684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
16191684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
16201684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll)WinVerifyTrust
16211684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
16221684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16231684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16241684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16251684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16271684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16281684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
16291684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
16301684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
16311684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16321684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
16331684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16341684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16351684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16361684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16371684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16381684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
16391684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16401684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16411684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16421684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16431684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16441684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16451684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16461684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16471684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
16481684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
16491684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16501684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16511684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16531684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16541684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16551684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16561684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
16571684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16581684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16591684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16601684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
16611684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16621684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
16631684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
16641684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16651684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
16661684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16671684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
16681684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
16691684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004ec pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
16701684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
16711684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
16721684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
16731684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
16741684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16751684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16761684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
16771684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
16781684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)WinVerifyTrust
16791684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
16801684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
16811684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
16821684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004fc pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
16831684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
16841684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
16851684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
16861684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
16871684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16881684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
16891684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
16901684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
16911684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
16921684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
16931684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
16941684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
16951684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll)WinVerifyTrust
16961684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
16971684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16981684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
16991684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17001684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
17011684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
17021684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f0 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
17031684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
17041684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
17051684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8C17410BD716DCF557221B982F7A015B5B6AC2B4
17061684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3032323~31bf3856ad364e35~amd64~~6.1.1.3.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
17071684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17081684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17091684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
17101684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
17111684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)WinVerifyTrust
17121684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
17131684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17141684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17151684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17161684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17171684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17181684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17191684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17201684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17211684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17221684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17231684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17241684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17251684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17271684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17281684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
17291684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll'
17301684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e0 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
17311684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
17321684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
17331684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
17341684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
17351684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17361684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17371684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
17381684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)WinVerifyTrust
17391684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
17401684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17411684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
17421684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
17431684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17441684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17451684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17461684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17471684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
17481684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
17491684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17501684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17511684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17531684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17541684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17551684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
17561684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
17571684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000508 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
17581684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
17591684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
17601684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
17611684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
17621684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17631684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17641684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
17651684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
17661684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)WinVerifyTrust
17671684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
17681684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17691684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
17701684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17711684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17721684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
17731684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
17741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17751684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17761684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17771684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17781684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
17791684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
17801684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17811684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
17821684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
17831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17841684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17851684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17861684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
17871684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
17881684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
17891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17901684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
17911684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
17921684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
17931684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
17941684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
17951684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
17961684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
17971684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
17981684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
17991684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
18001684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
18011684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
18021684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18031684.160c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll)
18041684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
18051684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
18061684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
18071684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
18081684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
18091684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000510 pwszName=\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
18101684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
18111684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
18121684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A2FB6B10717AFC03CD9FE6E8F1337A8EA94BF9B
18131684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2864058~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
18141684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18151684.160c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll'
18161684.160c: supR3HardenedMonitor_LdrLoadDll: pName=imm32.dll *pfFlags=0x0 pwszSearchPath=0000000000837170:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18171684.160c: supR3HardenedMonitor_LdrLoadDll: 'imm32.dll' -> 'C:\Windows\system32\imm32.dll' [rcNt=0xc0150008]
18181684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
18191684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18201684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
18211684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18221684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18231684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
18241684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
18251684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
18271684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
18281684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe0b0000 'C:\Windows\system32\imm32.dll'
18291684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9850000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
18301684.160c: SUPR3HardenedMain: Calling TrustedMain (000007fee9851ca0)...
18311684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18321684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
18331684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefa5d0000 'C:\Windows\system32\winmm.dll'
18341684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000005f3f50:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18351684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000059c pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18361684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
18371684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
18381684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
18391684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
18401684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18411684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18421684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
18431684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
18441684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll)WinVerifyTrust
18451684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18461684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18471684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
18481684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
18491684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18501684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
18511684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18521684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18531684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
18541684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18551684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18561684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18571684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000005f3f50:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18581684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18591684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18601684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000005f4580:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18611684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18621684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18631684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=00000000005f4580:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18641684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18651684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18661684.160c: supR3HardenedMonitor_LdrLoadDll: pName=dwmapi.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18671684.160c: supR3HardenedMonitor_LdrLoadDll: 'dwmapi.dll' -> 'C:\Windows\system32\dwmapi.dll' [rcNt=0xc0150008]
18681684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
18691684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefae20000 'C:\Windows\system32\dwmapi.dll'
18701684.160c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTBASE.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18711684.160c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTBASE.dll' -> 'C:\Windows\system32\CRYPTBASE.dll' [rcNt=0xc0150008]
18721684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
18731684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb30000 'C:\Windows\system32\CRYPTBASE.dll'
18741684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18751684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
18761684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\shell32.dll'
18771684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18781684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
18791684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076db0000 'C:\Windows\system32\kernel32.dll'
18801684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18811684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18821684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18831684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18841684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18851684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18861684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18871684.160c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 2
18881684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
18891684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18901684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18911684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\user32.dll'
18921684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18931684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
18941684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb330000 'C:\Windows\system32\uxtheme.dll'
18951684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18961684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18971684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\user32.dll'
18981684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
18991684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19001684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6e0000 'C:\Windows\system32\advapi32.dll'
19011684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19021684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
19031684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf60000 'C:\Windows\system32\userenv.dll'
19041684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19051684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
19061684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076db0000 'C:\Windows\system32\kernel32.dll'
19071684.160c: supR3HardenedMonitor_LdrLoadDll: pName=CLBCatQ.DLL *pfFlags=0x0 pwszSearchPath=000000000034f5f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19081684.160c: supR3HardenedMonitor_LdrLoadDll: 'CLBCatQ.DLL' -> 'C:\Windows\system32\CLBCatQ.DLL' [rcNt=0xc0150008]
19091684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005f0 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
19101684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
19111684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
19121684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
19131684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
19141684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19151684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19161684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
19171684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
19181684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
19191684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
19201684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
19211684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)WinVerifyTrust
19221684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
19231684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19241684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
19251684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
19261684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19271684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
19281684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19291684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19301684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
19311684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19321684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19331684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
19341684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
19351684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19361684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
19371684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
19381684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19391684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
19401684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
19411684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
19421684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff060000 'C:\Windows\system32\CLBCatQ.DLL'
19431684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000837320:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19441684.160c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
19451684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19461684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6e0000 'C:\Windows\system32\ADVAPI32.dll'
19471684.160c: supR3HardenedMonitor_LdrLoadDll: pName=CRYPTSP.dll *pfFlags=0x0 pwszSearchPath=0000000000837320:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19481684.160c: supR3HardenedMonitor_LdrLoadDll: 'CRYPTSP.dll' -> 'C:\Windows\system32\CRYPTSP.dll' [rcNt=0xc0150008]
19491684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
19501684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc490000 'C:\Windows\system32\CRYPTSP.dll'
19511684.160c: supR3HardenedMonitor_LdrLoadDll: pName=RpcRtRemote.dll *pfFlags=0x0 pwszSearchPath=0000000000837320:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19521684.160c: supR3HardenedMonitor_LdrLoadDll: 'RpcRtRemote.dll' -> 'C:\Windows\system32\RpcRtRemote.dll' [rcNt=0xc0150008]
19531684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000610 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
19541684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
19551684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
19561684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
19571684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
19581684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19591684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
19601684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll)WinVerifyTrust
19611684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
19621684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19631684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
19641684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
19651684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
19661684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb40000 'C:\Windows\system32\RpcRtRemote.dll'
19671684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\oleaut32.dll *pfFlags=0x0 pwszSearchPath=00000000005f4580:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19681684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19691684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1f0000 'C:\Windows\system32\oleaut32.dll'
19701684.160c: supR3HardenedMonitor_LdrLoadDll: pName=SXS.DLL *pfFlags=0x0 pwszSearchPath=0000000000836ea0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19711684.160c: supR3HardenedMonitor_LdrLoadDll: 'SXS.DLL' -> 'C:\Windows\system32\SXS.DLL' [rcNt=0xc0150008]
19721684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000634 pwszName=\Device\HarddiskVolume2\Windows\System32\sxs.dll
19731684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
19741684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
19751684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
19761684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\sxs.dll'
19771684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
19781684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sxs.dll)WinVerifyTrust
19791684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sxs.dll
19801684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
19811684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb60000 'C:\Windows\system32\SXS.DLL'
19821684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000836ea0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19831684.160c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
19841684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19851684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6e0000 'C:\Windows\system32\ADVAPI32.dll'
19861684.160c: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32 *pfFlags=0x0 pwszSearchPath=0000000000837830:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19871684.160c: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
19881684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19891684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1f0000 'C:\Windows\system32\OLEAUT32.dll'
19901684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll *pfFlags=0x0 pwszSearchPath=00000000007cc300:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19911684.160c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 2
19921684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
19931684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19941684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
19951684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe810000 'C:\Windows\system32\gdi32.dll'
19961684.1080: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll *pfFlags=0x0 pwszSearchPath=00000000005fa530:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
19971684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
19981684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
19991684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
20001684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
20011684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
20021684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
20031684.1080: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
20041684.1080: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll)WinVerifyTrust
20051684.1080: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
20061684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20071684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
20081684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20091684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20101684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
20111684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20121684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20131684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
20141684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
20151684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20161684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
20171684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
20181684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20191684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
20201684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20211684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
20221684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
20231684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
20241684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20251684.1080: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
20261684.1080: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20271684.1080: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
20281684.1080: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9160000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
20291684.159c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20301684.159c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
20311684.159c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
20321684.159c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll)WinVerifyTrust
20331684.159c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
20341684.159c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20351684.159c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
20361684.159c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
20371684.159c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20381684.159c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
20391684.159c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
20401684.159c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
20411684.159c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef45b0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
20421684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\user32.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20431684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
20441684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076cb0000 'C:\Windows\system32\user32.dll'
20451684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll *pfFlags=0x0 pwszSearchPath=0000000000837950:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20461684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
20471684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd300000 'C:\Windows\system32\shell32.dll'
20481684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ADVAPI32.dll *pfFlags=0x0 pwszSearchPath=0000000000837950:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20491684.160c: supR3HardenedMonitor_LdrLoadDll: 'ADVAPI32.dll' -> 'C:\Windows\system32\ADVAPI32.dll' [rcNt=0xc0150008]
20501684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
20511684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe6e0000 'C:\Windows\system32\ADVAPI32.dll'
20521684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll *pfFlags=0x0 pwszSearchPath=0000000000837950:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20531684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20541684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecc0000 'C:\Windows\system32\ole32.dll'
20551684.160c: supR3HardenedMonitor_LdrLoadDll: pName=ole32.dll *pfFlags=0x0 pwszSearchPath=00000000008377a0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20561684.160c: supR3HardenedMonitor_LdrLoadDll: 'ole32.dll' -> 'C:\Windows\system32\ole32.dll' [rcNt=0xc0150008]
20571684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20581684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefecc0000 'C:\Windows\system32\ole32.dll'
20591684.160c: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=00000000008377a0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20601684.160c: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
20611684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20621684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1f0000 'C:\Windows\system32\OLEAUT32.dll'
20631684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll *pfFlags=0x0 pwszSearchPath=0000000003b8aff0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
20641684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000990 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
20651684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
20661684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
20671684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
20681684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
20691684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20701684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20711684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
20721684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
20731684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
20741684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
20751684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
20761684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll)WinVerifyTrust
20771684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
20781684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
20791684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
20801684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
20811684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20821684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
20831684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20841684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20851684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
20861684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20871684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20881684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
20891684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
20901684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
20911684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
20921684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009a4 pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
20931684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
20941684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
20951684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
20961684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
20971684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20981684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20991684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
21001684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
21011684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
21021684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
21031684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll)WinVerifyTrust
21041684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
21051684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21061684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21071684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21081684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
21091684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
21101684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
21111684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21121684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
21131684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
21141684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21151684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
21161684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
21171684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21181684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
21191684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
21201684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21211684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21221684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21231684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
21241684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
21251684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8ab0000 'C:\Windows\system32\wbem\wbemprox.dll'
21261684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll *pfFlags=0x0 pwszSearchPath=0000000003b8aff0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
21271684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009cc pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
21281684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
21291684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
21301684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
21311684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
21321684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21331684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21341684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
21351684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll)WinVerifyTrust
21361684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
21371684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21381684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
21391684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
21401684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21411684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21421684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21431684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
21441684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7d40000 'C:\Windows\system32\wbem\wbemsvc.dll'
21451684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll *pfFlags=0x0 pwszSearchPath=0000000003b8aff0:C:\Windows\system32\wbem;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
21461684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009d8 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
21471684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
21481684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
21491684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
21501684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
21511684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21521684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21531684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
21541684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
21551684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
21561684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
21571684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
21581684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll)WinVerifyTrust
21591684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
21601684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
21611684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
21621684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009c0 pwszName=\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
21631684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
21641684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
21651684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
21661684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
21671684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21681684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21691684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
21701684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
21711684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll)WinVerifyTrust
21721684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
21731684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21741684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
21751684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
21761684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21771684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
21781684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
21791684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21801684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
21811684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
21821684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
21831684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
21841684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
21851684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21861684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21871684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21881684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
21891684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
21901684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
21911684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21921684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
21931684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
21941684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21951684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
21961684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
21971684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
21981684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
21991684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef80b0000 'C:\Windows\system32\wbem\fastprox.dll'
22001684.160c: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=00000000008375f0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22011684.160c: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
22021684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
22031684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1f0000 'C:\Windows\system32\OLEAUT32.dll'
22041684.1544: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22051684.1544: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22061684.1544: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
22071684.1544: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22081684.1544: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll)WinVerifyTrust
22091684.1544: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22101684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22111684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22121684.1544: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22131684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
22141684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll'
22151684.1544: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
22161684.1544: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
22171684.1544: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
22181684.1544: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll)WinVerifyTrust
22191684.1544: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
22201684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22211684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
22221684.1544: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22231684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22241684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
22251684.1544: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
22261684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
22271684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
22281684.1544: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22291684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22301684.1544: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22311684.1544: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22321684.1544: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22331684.1544: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
22341684.1544: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea490000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
22351684.15a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22361684.15a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22371684.15a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
22381684.15a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22391684.15a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
22401684.15a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll)WinVerifyTrust
22411684.15a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
22421684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22431684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
22441684.15a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
22451684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22461684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22471684.15a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22481684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
22491684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
22501684.15a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
22511684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22521684.15a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
22531684.15a8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22541684.15a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
22551684.15a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4300000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
22561684.1664: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22571684.1664: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22581684.1664: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22591684.1664: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll)WinVerifyTrust
22601684.1664: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
22611684.1664: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22621684.1664: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
22631684.1664: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
22641684.1664: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22651684.1664: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
22661684.1664: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
22671684.1664: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
22681684.1664: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef42f0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
22691684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags>
22701684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ae4 pwszName=\Device\HarddiskVolume2\Windows\System32\apphelp.dll
22711684.eec: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
22721684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
22731684.eec: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82846C7DC170BBD7F68FE9966A8D339A60BCFF16
22741684.eec: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\apphelp.dll'
22751684.eec: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22761684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)WinVerifyTrust
22771684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
22781684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll
22791684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcad0000 'C:\Windows\system32\apphelp.dll'
22801684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
22811684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22821684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
22831684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtcorevbox4.dll'.
22841684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtguivbox4.dll'.
22851684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtopenglvbox4.dll'.
22861684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
22871684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
22881684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
22891684.b38: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
22901684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
22911684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22921684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
22931684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22941684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
22951684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
22961684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
22971684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
22981684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
22991684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll)WinVerifyTrust
23001684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
23011684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23021684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
23031684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
23041684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23051684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
23061684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
23071684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23081684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
23091684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
23101684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
23111684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll'
23121684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23131684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
23141684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23151684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
23161684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
23171684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
23181684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll)WinVerifyTrust
23191684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
23201684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
23211684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
23221684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
23231684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23241684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23251684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23261684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
23271684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
23281684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23291684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
23301684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
23311684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
23321684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
23331684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll)WinVerifyTrust
23341684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
23351684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23361684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23371684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23381684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
23391684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
23401684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
23411684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
23421684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll'
23431684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
23441684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
23451684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll'
23461684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
23471684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
23481684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll'
23491684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
23501684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23511684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23521684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23531684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23541684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23551684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23561684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
23571684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
23581684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
23591684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
23601684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
23611684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
23621684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
23631684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
23641684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
23651684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23661684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
23671684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
23681684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23691684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23701684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23711684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23721684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23731684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23741684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23751684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
23761684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
23771684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23781684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
23791684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
23801684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23811684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
23821684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
23831684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23841684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
23851684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
23861684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
23871684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
23881684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
23891684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23901684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
23911684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
23921684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
23931684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
23941684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
23951684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feeb900000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
23961684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NLAapi.dll *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
23971684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b10 pwszName=\Device\HarddiskVolume2\Windows\System32\nlaapi.dll
23981684.b38: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
23991684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
24001684.b38: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=940531924908424B14ADDE1A085208ECEFAA5B1C
24011684.b38: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3022777~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\nlaapi.dll'
24021684.b38: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24031684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24041684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
24051684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nlaapi.dll)WinVerifyTrust
24061684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nlaapi.dll
24071684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24081684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
24091684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24101684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24111684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
24121684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24131684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nlaapi.dll
24141684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaac0000 'C:\Windows\system32\NLAapi.dll'
24151684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\napinsp.dll *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
24161684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b50 pwszName=\Device\HarddiskVolume2\Windows\System32\NapiNSP.dll
24171684.b38: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
24181684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
24191684.b38: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D1E760E4F0FA1B850DAF97E949B2FCD21656EFC2
24201684.b38: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\NapiNSP.dll'
24211684.b38: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24221684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24231684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
24241684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\NapiNSP.dll)WinVerifyTrust
24251684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\NapiNSP.dll
24261684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24271684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
24281684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24291684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24301684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
24311684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24321684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\NapiNSP.dll
24331684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9390000 'C:\Windows\system32\napinsp.dll'
24341684.b38: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
24351684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe2d0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
24361684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\pnrpnsp.dll *pfFlags=0x0 pwszSearchPath=0000000000837710:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
24371684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b4c pwszName=\Device\HarddiskVolume2\Windows\System32\pnrpnsp.dll
24381684.b38: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
24391684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
24401684.b38: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83937B6F447F6D6789FEB249D410ECB897EBBB8E
24411684.b38: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\pnrpnsp.dll'
24421684.b38: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24431684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24441684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\pnrpnsp.dll)WinVerifyTrust
24451684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\pnrpnsp.dll
24461684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24471684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
24481684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24491684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\pnrpnsp.dll
24501684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef93b0000 'C:\Windows\system32\pnrpnsp.dll'
24511684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\pnrpnsp.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
24521684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\pnrpnsp.dll
24531684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef93b0000 'C:\Windows\system32\pnrpnsp.dll'
24541684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\mswsock.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
24551684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bb4 pwszName=\Device\HarddiskVolume2\Windows\System32\mswsock.dll
24561684.b38: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
24571684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
24581684.b38: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8E5754748E0E000AB425BF2AEB177780FB43945
24591684.b38: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2888049~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\mswsock.dll'
24601684.b38: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24611684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24621684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
24631684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
24641684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
24651684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mswsock.dll)WinVerifyTrust
24661684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mswsock.dll
24671684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24681684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
24691684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
24701684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24711684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
24721684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
24731684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24741684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
24751684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
24761684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24771684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
24781684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
24791684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mswsock.dll
24801684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc430000 'C:\Windows\System32\mswsock.dll'
24811684.b38: supR3HardenedMonitor_LdrLoadDll: pName=DNSAPI.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
24821684.b38: supR3HardenedMonitor_LdrLoadDll: 'DNSAPI.dll' -> 'C:\Windows\system32\DNSAPI.dll' [rcNt=0xc0150008]
24831684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bd4 pwszName=\Device\HarddiskVolume2\Windows\System32\dnsapi.dll
24841684.b38: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
24851684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
24861684.b38: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8135E0E5EFBA7E8EB8BB5D5C7F47265131A2B951
24871684.b38: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2509553~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\dnsapi.dll'
24881684.b38: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24891684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24901684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ws2_32.dll'.
24911684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'nsi.dll'.
24921684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dnsapi.dll)WinVerifyTrust
24931684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dnsapi.dll
24941684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
24951684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
24961684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
24971684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24981684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
24991684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
25001684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25011684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
25021684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
25031684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dnsapi.dll
25041684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc2b0000 'C:\Windows\system32\DNSAPI.dll'
25051684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winrnr.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25061684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bec pwszName=\Device\HarddiskVolume2\Windows\System32\winrnr.dll
25071684.b38: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
25081684.b38: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
25091684.b38: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2677B9BC9B2CBB6D3BC21091A4281569A153641C
25101684.b38: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winrnr.dll'
25111684.b38: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25121684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25131684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winrnr.dll)WinVerifyTrust
25141684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winrnr.dll
25151684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25161684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
25171684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
25181684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winrnr.dll
25191684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8f50000 'C:\Windows\System32\winrnr.dll'
25201684.b38: supR3HardenedMonitor_LdrLoadDll: pName=WS2_32.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25211684.b38: supR3HardenedMonitor_LdrLoadDll: 'WS2_32.dll' -> 'C:\Windows\system32\WS2_32.dll' [rcNt=0xc0150008]
25221684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
25231684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7c0000 'C:\Windows\system32\WS2_32.dll'
25241684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25251684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
25261684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3d50000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
25271684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25281684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25291684.b38: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
25301684.b38: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll)WinVerifyTrust
25311684.b38: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
25321684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
25331684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll'
25341684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
25351684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25361684.b38: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
25371684.b38: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
25381684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
25391684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3a70000 'C:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
25401684.b38: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/opengl32.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25411684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25421684.b38: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25431684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32/opengl32.dll'
25441684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25451684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
25461684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25471684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
25481684.b38: supR3HardenedMonitor_LdrLoadDll: pName=gdi32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25491684.b38: supR3HardenedMonitor_LdrLoadDll: 'gdi32' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
25501684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
25511684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe810000 'C:\Windows\system32\gdi32.dll'
25521684.b38: supR3HardenedMonitor_LdrLoadDll: pName=gdi32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25531684.b38: supR3HardenedMonitor_LdrLoadDll: 'gdi32' -> 'C:\Windows\system32\gdi32.dll' [rcNt=0xc0150008]
25541684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
25551684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe810000 'C:\Windows\system32\gdi32.dll'
25561684.b38: supR3HardenedMonitor_LdrLoadDll: pName=nvoglv64 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25571684.b38: supR3HardenedMonitor_LdrLoadDll: 'nvoglv64' -> 'C:\Windows\system32\nvoglv64.dll' [rcNt=0xc0150008]
25581684.b38: \Device\HarddiskVolume2\Windows\System32\nvoglv64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
25591684.b38: \Device\HarddiskVolume2\Windows\System32\nvoglv64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
25601684.b38: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\Windows\System32\nvoglv64.dll'
25611684.b38: supHardenedWinVerifyImageByHandle: -> -22919 (\Device\HarddiskVolume2\Windows\System32\nvoglv64.dll)WinVerifyTrust
25621684.b38: Error (rc=0):
25631684.b38: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -22919 (0xffffa679) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Windows\System32\nvoglv64.dll: WinVerifyTrust failed with hrc=CERT_E_REVOCATION_FAILURE on '\Device\HarddiskVolume2\Windows\System32\nvoglv64.dll'
25641684.b38: Error (rc=0):
25651684.b38: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\nvoglv64.dll': rcNt=0xc0000190
25661684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\nvoglv64.dll'
25671684.b38: supR3HardenedMonitor_LdrLoadDll: pName=nvoglv64 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25681684.b38: supR3HardenedMonitor_LdrLoadDll: 'nvoglv64' -> 'C:\Windows\system32\nvoglv64.dll' [rcNt=0xc0150008]
25691684.b38: \Device\HarddiskVolume2\Windows\System32\nvoglv64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
25701684.b38: \Device\HarddiskVolume2\Windows\System32\nvoglv64.dll: Relaxing the TrustedInstaller requirement for this DLL (it's in system32).
25711684.b38: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\Windows\System32\nvoglv64.dll'
25721684.b38: supHardenedWinVerifyImageByHandle: -> -22919 (\Device\HarddiskVolume2\Windows\System32\nvoglv64.dll)WinVerifyTrust
25731684.b38: Error (rc=0):
25741684.b38: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -22919 (0xffffa679) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\Windows\System32\nvoglv64.dll: WinVerifyTrust failed with hrc=CERT_E_REVOCATION_FAILURE on '\Device\HarddiskVolume2\Windows\System32\nvoglv64.dll'
25751684.b38: Error (rc=0):
25761684.b38: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\nvoglv64.dll': rcNt=0xc0000190
25771684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\nvoglv64.dll'
25781684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25791684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
25801684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25811684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
25821684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25831684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
25841684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25851684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
25861684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25871684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
25881684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25891684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
25901684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25911684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
25921684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25931684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
25941684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8e230:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25951684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
25961684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
25971684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
25981684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
25991684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
26001684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
26011684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
26021684.fa4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26031684.fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26041684.fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26051684.fa4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26061684.fa4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll)WinVerifyTrust
26071684.fa4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26081684.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26091684.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
26101684.fa4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
26111684.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26121684.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
26131684.fa4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
26141684.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26151684.fa4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
26161684.fa4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
26171684.fa4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
26181684.fa4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7cc0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
26191684.de0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26201684.de0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26211684.de0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26221684.de0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26231684.de0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll)WinVerifyTrust
26241684.de0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26251684.de0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26261684.de0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
26271684.de0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
26281684.de0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
26291684.de0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll'
26301684.de0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
26311684.de0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26321684.de0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
26331684.de0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
26341684.de0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
26351684.de0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef42e0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
26361684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26371684.eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
26381684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feea490000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
26391684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26401684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26411684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
26421684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
26431684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
26441684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
26451684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll)WinVerifyTrust
26461684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
26471684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26481684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
26491684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
26501684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26511684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
26521684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
26531684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26541684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
26551684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
26561684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
26571684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
26581684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
26591684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26601684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
26611684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
26621684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
26631684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0a20000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
26641684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
26651684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26661684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
26671684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26681684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
26691684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
26701684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
26711684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
26721684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
26731684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
26741684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
26751684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll)WinVerifyTrust
26761684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
26771684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
26781684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll'
26791684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d1c pwszName=\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
26801684.eec: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
26811684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
26821684.eec: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
26831684.eec: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL'
26841684.eec: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26851684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26861684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
26871684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
26881684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
26891684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL)WinVerifyTrust
26901684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
26911684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26921684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll'
26931684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
26941684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
26951684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
26961684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
26971684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
26981684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
26991684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
27001684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27011684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
27021684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
27031684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
27041684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll'
27051684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27061684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27071684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27081684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll)WinVerifyTrust
27091684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
27101684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
27111684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll'
27121684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27131684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
27141684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
27151684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
27161684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
27171684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
27181684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll)WinVerifyTrust
27191684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
27201684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27211684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
27221684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
27231684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27241684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
27251684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27261684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27271684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
27281684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
27291684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27301684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
27311684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
27321684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
27331684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume2\Windows\System32\newdev.dll'
27341684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d3c pwszName=\Device\HarddiskVolume2\Windows\System32\newdev.dll
27351684.eec: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
27361684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
27371684.eec: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
27381684.eec: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\newdev.dll'
27391684.eec: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27401684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27411684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
27421684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
27431684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
27441684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
27451684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
27461684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
27471684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\newdev.dll)WinVerifyTrust
27481684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\newdev.dll
27491684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
27501684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
27511684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
27521684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27531684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
27541684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
27551684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27561684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
27571684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
27581684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27591684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
27601684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
27611684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27621684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
27631684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
27641684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27651684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
27661684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27671684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27681684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
27691684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
27701684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27711684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
27721684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
27731684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
27741684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
27751684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d28 pwszName=\Device\HarddiskVolume2\Windows\System32\winnsi.dll
27761684.eec: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
27771684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
27781684.eec: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
27791684.eec: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
27801684.eec: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27811684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27821684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
27831684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
27841684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll)WinVerifyTrust
27851684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
27861684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
27871684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
27881684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
27891684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27901684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
27911684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
27921684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
27931684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
27941684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
27951684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27961684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
27971684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
27981684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27991684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
28001684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
28011684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
28021684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
28031684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
28041684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
28051684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
28061684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
28071684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
28081684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
28091684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
28101684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
28111684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
28121684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
28131684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28141684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
28151684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
28161684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28171684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
28181684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
28191684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28201684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
28211684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
28221684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
28231684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28241684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\newdev.dll
28251684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28261684.eec: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
28271684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
28281684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28291684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
28301684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
28311684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee88a0000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
28321684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d48 pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
28331684.eec: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
28341684.eec: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
28351684.eec: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
28361684.eec: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
28371684.eec: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28381684.eec: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
28391684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28401684.eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28411684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28421684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
28431684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
28441684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28451684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09e0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
28461684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28471684.eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
28481684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
28491684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee9160000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
28501684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28511684.eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28521684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28531684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef0a20000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
28541684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28551684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28561684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28571684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll)WinVerifyTrust
28581684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
28591684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28601684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
28611684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
28621684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28631684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
28641684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
28651684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
28661684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2c30000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
28671684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28681684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28691684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28701684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll)WinVerifyTrust
28711684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
28721684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28731684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
28741684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
28751684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28761684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
28771684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
28781684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
28791684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09c0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
28801684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28811684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28821684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28831684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll)WinVerifyTrust
28841684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
28851684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28861684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
28871684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
28881684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28891684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
28901684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
28911684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
28921684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef09a0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
28931684.1584: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
28941684.1584: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28951684.1584: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
28961684.1584: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28971684.1584: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll)WinVerifyTrust
28981684.1584: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
28991684.1584: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29001684.1584: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
29011684.1584: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
29021684.1584: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
29031684.1584: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll'
29041684.1584: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
29051684.1584: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29061684.1584: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
29071684.1584: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
29081684.1584: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29091684.1584: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef3990000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
29101684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29111684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29121684.eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29131684.eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll)WinVerifyTrust
29141684.eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
29151684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29161684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll'
29171684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
29181684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29191684.eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
29201684.eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
29211684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
29221684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7120000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
29231684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll *pfFlags=0x0 pwszSearchPath=0000000003b8f4c0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29241684.eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
29251684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
29261684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb930000 'C:\Windows\system32/Iphlpapi.dll'
29271684.eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll *pfFlags=0x0 pwszSearchPath=0000000003b8f310:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29281684.eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
29291684.eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
29301684.eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000076db0000 'C:\Windows\system32/kernel32.dll'
29311684.1544: supR3HardenedMonitor_LdrLoadDll: pName=OLEAUT32.dll *pfFlags=0x0 pwszSearchPath=0000000003b8f280:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29321684.1544: supR3HardenedMonitor_LdrLoadDll: 'OLEAUT32.dll' -> 'C:\Windows\system32\OLEAUT32.dll' [rcNt=0xc0150008]
29331684.1544: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
29341684.1544: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe1f0000 'C:\Windows\system32\OLEAUT32.dll'
29351684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\comctl32.dll *pfFlags=0x0 pwszSearchPath=0000000003b8f0d0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29361684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comctl32.dll
29371684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5b60000 'C:\Windows\system32\comctl32.dll'
29381684.160c: supR3HardenedMonitor_LdrLoadDll: pName=mscms.dll *pfFlags=0x0 pwszSearchPath=00000000007cc4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29391684.160c: supR3HardenedMonitor_LdrLoadDll: 'mscms.dll' -> 'C:\Windows\system32\mscms.dll' [rcNt=0xc0150008]
29401684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007f8 pwszName=\Device\HarddiskVolume2\Windows\System32\mscms.dll
29411684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
29421684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
29431684.160c: supR3HardenedMonitor_LdrLoadDll: pName=WINTRUST.DLL *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29441684.160c: supR3HardenedMonitor_LdrLoadDll: 'WINTRUST.DLL' -> 'C:\Windows\system32\WINTRUST.DLL' [rcNt=0xc0150008]
29451684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
29461684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf20000 'C:\Windows\system32\WINTRUST.DLL'
29471684.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll *pfFlags=0x1002 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29481684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
29491684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcdb0000 'C:\Windows\system32\CRYPT32.dll'
29501684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=77B48D4C63C7308FE42B2B7DF054999F6CE86C20
29511684.160c: supR3HardenedMonitor_LdrLoadDll: pName=cryptnet.dll *pfFlags=0x0 pwszSearchPath=0000000003b8e860:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29521684.160c: supR3HardenedMonitor_LdrLoadDll: 'cryptnet.dll' -> 'C:\Windows\system32\cryptnet.dll' [rcNt=0xc0150008]
29531684.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
29541684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef92f0000 'C:\Windows\system32\cryptnet.dll'
29551684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\mscms.dll'
29561684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29571684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29581684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'userenv.dll'.
29591684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
29601684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
29611684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mscms.dll)WinVerifyTrust
29621684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mscms.dll
29631684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
29641684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
29651684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
29661684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29671684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll'
29681684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
29691684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
29701684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
29711684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
29721684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29731684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
29741684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
29751684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mscms.dll
29761684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef61d0000 'C:\Windows\system32\mscms.dll'
29771684.160c: supR3HardenedMonitor_LdrLoadDll: pName=icm32.dll *pfFlags=0x0 pwszSearchPath=00000000007cc4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
29781684.160c: supR3HardenedMonitor_LdrLoadDll: 'icm32.dll' -> 'C:\Windows\system32\icm32.dll' [rcNt=0xc0150008]
29791684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000738 pwszName=\Device\HarddiskVolume2\Windows\System32\icm32.dll
29801684.160c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
29811684.160c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
29821684.160c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A467A1C0C873D06FC9374DE3DAC05A8C3CE89002
29831684.160c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ICM-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\icm32.dll'
29841684.160c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29851684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29861684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mscms.dll'.
29871684.160c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
29881684.160c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\icm32.dll)WinVerifyTrust
29891684.160c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\icm32.dll
29901684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
29911684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
29921684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
29931684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mscms.dll'...
29941684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mscms.dll' -> '\Device\HarddiskVolume2\Windows\System32\mscms.dll'
29951684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mscms.dll
29961684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29971684.160c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
29981684.160c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
29991684.160c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\icm32.dll
30001684.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef2cf0000 'C:\Windows\system32\icm32.dll'
30011684.170c: supR3HardenedMonitor_LdrLoadDll: pName=IPHLPAPI.DLL *pfFlags=0x0 pwszSearchPath=00000000007cc4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30021684.170c: supR3HardenedMonitor_LdrLoadDll: 'IPHLPAPI.DLL' -> 'C:\Windows\system32\IPHLPAPI.DLL' [rcNt=0xc0150008]
30031684.170c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
30041684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb930000 'C:\Windows\system32\IPHLPAPI.DLL'
30051684.170c: supR3HardenedMonitor_LdrLoadDll: pName=RPCRT4.dll *pfFlags=0x0 pwszSearchPath=00000000007cc4b0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30061684.170c: supR3HardenedMonitor_LdrLoadDll: 'RPCRT4.dll' -> 'C:\Windows\system32\RPCRT4.dll' [rcNt=0xc0150008]
30071684.170c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
30081684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe920000 'C:\Windows\system32\RPCRT4.dll'
30091684.170c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\fwpuclnt.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30101684.170c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009f8 pwszName=\Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL
30111684.170c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
30121684.170c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
30131684.170c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=71AC516E78E4AA40541D24A370871D83C02E3521
30141684.170c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2862152~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL'
30151684.170c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30161684.170c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30171684.170c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
30181684.170c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL)WinVerifyTrust
30191684.170c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL
30201684.170c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30211684.170c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
30221684.170c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
30231684.170c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30241684.170c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
30251684.170c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
30261684.170c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL
30271684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ac0000 'C:\Windows\System32\fwpuclnt.dll'
30281684.170c: supR3HardenedMonitor_LdrLoadDll: pName=rasadhlp.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30291684.170c: supR3HardenedMonitor_LdrLoadDll: 'rasadhlp.dll' -> 'C:\Windows\system32\rasadhlp.dll' [rcNt=0xc0150008]
30301684.170c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f0c pwszName=\Device\HarddiskVolume2\Windows\System32\rasadhlp.dll
30311684.170c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000006d0730
30321684.170c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000006d0730
30331684.170c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DEC424464D0AF38DDC89A3B3615B283EA0C81A93
30341684.170c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\rasadhlp.dll'
30351684.170c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30361684.170c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30371684.170c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rasadhlp.dll)WinVerifyTrust
30381684.170c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rasadhlp.dll
30391684.170c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30401684.170c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
30411684.170c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
30421684.170c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rasadhlp.dll
30431684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9650000 'C:\Windows\system32\rasadhlp.dll'
30441684.170c: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30451684.170c: \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
30461684.170c: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll)
30471684.170c: Error (rc=0):
30481684.170c: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'.
30491684.170c: Error (rc=0):
30501684.170c: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll': rcNt=0xc0000190
30511684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'
30521684.170c: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30531684.170c: \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
30541684.170c: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll)
30551684.170c: Error (rc=0):
30561684.170c: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'.
30571684.170c: Error (rc=0):
30581684.170c: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll': rcNt=0xc0000190
30591684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'
30601684.170c: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll *pfFlags=0x0 pwszSearchPath=00000000007cc390:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30611684.170c: \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: Owner is not trusted installer (01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00)
30621684.170c: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll)
30631684.170c: Error (rc=0):
30641684.170c: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'.
30651684.170c: Error (rc=0):
30661684.170c: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll': rcNt=0xc0000190
30671684.170c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'
30681684.b38: supR3HardenedMonitor_LdrLoadDll: pName=OPENGL32 *pfFlags=0x0 pwszSearchPath=0000000003b8ea10:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32
30691684.b38: supR3HardenedMonitor_LdrLoadDll: 'OPENGL32' -> 'C:\Windows\system32\OPENGL32.dll' [rcNt=0xc0150008]
30701684.b38: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
30711684.b38: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebc90000 'C:\Windows\system32\OPENGL32.dll'
30721684.160c: Terminating the normal way: rcExit=0
307314e0.890: supR3HardenedWinDoReSpawn(2): Quitting: ExitCode=0x0 rcNt=0x0
3074520.1024: supR3HardenedWinDoReSpawn(1): Quitting: ExitCode=0x0 rcNt=0x0

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy