VirtualBox

Ticket #14319: VBoxHardening.log

File VBoxHardening.log, 256.0 KB (added by EliasP, 9 years ago)
Line 
12590.2268: Log file opened: 5.0.14r105127 g_hStartupLog=00000000000000c0 g_uNtVerCombined=0x611db110
22590.2268: \SystemRoot\System32\ntdll.dll:
32590.2268: CreationTime: 2016-01-14T16:20:01.908282300Z
42590.2268: LastWriteTime: 2015-12-30T19:05:33.659216000Z
52590.2268: ChangeTime: 2016-01-14T16:39:40.974353400Z
62590.2268: FileAttributes: 0x20
72590.2268: Size: 0x1a67c0
82590.2268: NT Headers: 0xe0
92590.2268: Timestamp: 0x568429e5
102590.2268: Machine: 0x8664 - amd64
112590.2268: Timestamp: 0x568429e5
122590.2268: Image Version: 6.1
132590.2268: SizeOfImage: 0x1a9000 (1740800)
142590.2268: Resource Dir: 0x14d000 LB 0x5a028
152590.2268: ProductName: Microsoft® Windows® Operating System
162590.2268: ProductVersion: 6.1.7601.19110
172590.2268: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
182590.2268: FileDescription: NT Layer DLL
192590.2268: \SystemRoot\System32\kernel32.dll:
202590.2268: CreationTime: 2016-01-14T16:20:02.364308400Z
212590.2268: LastWriteTime: 2015-12-30T18:57:55.730000000Z
222590.2268: ChangeTime: 2016-01-14T16:39:41.067953600Z
232590.2268: FileAttributes: 0x20
242590.2268: Size: 0x11c000
252590.2268: NT Headers: 0xe8
262590.2268: Timestamp: 0x568429dc
272590.2268: Machine: 0x8664 - amd64
282590.2268: Timestamp: 0x568429dc
292590.2268: Image Version: 6.1
302590.2268: SizeOfImage: 0x11f000 (1175552)
312590.2268: Resource Dir: 0x116000 LB 0x528
322590.2268: ProductName: Microsoft® Windows® Operating System
332590.2268: ProductVersion: 6.1.7601.19110
342590.2268: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
352590.2268: FileDescription: Windows NT BASE API Client DLL
362590.2268: \SystemRoot\System32\KernelBase.dll:
372590.2268: CreationTime: 2016-01-14T16:20:01.135238100Z
382590.2268: LastWriteTime: 2015-12-30T18:57:55.761000000Z
392590.2268: ChangeTime: 2016-01-14T16:39:41.067953600Z
402590.2268: FileAttributes: 0x20
412590.2268: Size: 0x67a00
422590.2268: NT Headers: 0xe8
432590.2268: Timestamp: 0x568429dd
442590.2268: Machine: 0x8664 - amd64
452590.2268: Timestamp: 0x568429dd
462590.2268: Image Version: 6.1
472590.2268: SizeOfImage: 0x6c000 (442368)
482590.2268: Resource Dir: 0x6a000 LB 0x530
492590.2268: ProductName: Microsoft® Windows® Operating System
502590.2268: ProductVersion: 6.1.7601.19110
512590.2268: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
522590.2268: FileDescription: Windows NT BASE API Client DLL
532590.2268: \SystemRoot\System32\apisetschema.dll:
542590.2268: CreationTime: 2016-01-14T16:20:00.643210000Z
552590.2268: LastWriteTime: 2015-12-30T18:54:58.839000000Z
562590.2268: ChangeTime: 2016-01-14T16:39:40.958753400Z
572590.2268: FileAttributes: 0x20
582590.2268: Size: 0x1a00
592590.2268: NT Headers: 0xc0
602590.2268: Timestamp: 0x568428c9
612590.2268: Machine: 0x8664 - amd64
622590.2268: Timestamp: 0x568428c9
632590.2268: Image Version: 6.1
642590.2268: SizeOfImage: 0x50000 (327680)
652590.2268: Resource Dir: 0x30000 LB 0x3f8
662590.2268: ProductName: Microsoft® Windows® Operating System
672590.2268: ProductVersion: 6.1.7601.19110
682590.2268: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
692590.2268: FileDescription: ApiSet Schema DLL
702590.2268: Found driver NisDrv (0x400)
712590.2268: supR3HardenedWinFindAdversaries: 0x1400
722590.2268: \SystemRoot\System32\drivers\MpFilter.sys:
732590.2268: CreationTime: 2015-03-04T16:34:52.000000000Z
742590.2268: LastWriteTime: 2015-03-04T16:34:52.000000000Z
752590.2268: ChangeTime: 2015-08-12T16:13:16.404433700Z
762590.2268: FileAttributes: 0x20
772590.2268: Size: 0x44738
782590.2268: NT Headers: 0xf0
792590.2268: Timestamp: 0x54efb880
802590.2268: Machine: 0x8664 - amd64
812590.2268: Timestamp: 0x54efb880
822590.2268: Image Version: 6.3
832590.2268: SizeOfImage: 0x44000 (278528)
842590.2268: Resource Dir: 0x42000 LB 0xd50
852590.2268: ProductName: Microsoft Malware Protection
862590.2268: ProductVersion: 4.8.0200.0
872590.2268: FileVersion: 4.8.0200.0
882590.2268: FileDescription: Microsoft antimalware file system filter driver
892590.2268: \SystemRoot\System32\drivers\NisDrvWFP.sys:
902590.2268: CreationTime: 2013-09-27T06:53:06.000000000Z
912590.2268: LastWriteTime: 2015-03-04T16:34:52.000000000Z
922590.2268: ChangeTime: 2015-08-12T16:13:16.314428500Z
932590.2268: FileAttributes: 0x20
942590.2268: Size: 0x1e698
952590.2268: NT Headers: 0xf0
962590.2268: Timestamp: 0x54efb8af
972590.2268: Machine: 0x8664 - amd64
982590.2268: Timestamp: 0x54efb8af
992590.2268: Image Version: 6.3
1002590.2268: SizeOfImage: 0x1f000 (126976)
1012590.2268: Resource Dir: 0x1c000 LB 0x1b90
1022590.2268: ProductName: Microsoft Malware Protection
1032590.2268: ProductVersion: 4.8.0200.0
1042590.2268: FileVersion: 4.8.0200.0
1052590.2268: FileDescription: Microsoft Network Realtime Inspection Driver
1062590.2268: \SystemRoot\System32\AntiTheftCredentialProvider.dll:
1072590.2268: CreationTime: 2015-04-13T12:15:58.305930700Z
1082590.2268: LastWriteTime: 2014-08-13T08:21:10.000000000Z
1092590.2268: ChangeTime: 2015-04-13T12:15:23.263926400Z
1102590.2268: FileAttributes: 0x20
1112590.2268: Size: 0x9dc88
1122590.2268: NT Headers: 0x108
1132590.2268: Timestamp: 0x53eb1d24
1142590.2268: Machine: 0x8664 - amd64
1152590.2268: Timestamp: 0x53eb1d24
1162590.2268: Image Version: 1.0
1172590.2268: SizeOfImage: 0xa1000 (659456)
1182590.2268: Resource Dir: 0x8d000 LB 0x11498
1192590.2268: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1202590.2268: Calling main()
1212590.2268: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x3
1222590.2268: supR3HardenedWinInitAppBin(0x3): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
1232590.2268: System32: \Device\HarddiskVolume3\Windows\System32
1242590.2268: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
1252590.2268: KnownDllPath: C:\Windows\system32
1262590.2268: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1272590.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1282590.2268: supR3HardNtEnableThreadCreation:
1292590.2268: bcrypt.dll loaded at 000007fefcc00000, BCryptOpenAlgorithmProvider at 000007fefcc02640, preloading providers:
1302590.2268: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000003c3400)
1312590.2268: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000003c3c90)
1322590.2268: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000003c3f60)
1332590.2268: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000003c4230)
1342590.2268: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000003c4500)
1352590.2268: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000003c47d0)
1362590.2268: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000003c4ae0)
1372590.2268: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000003c4d90)
1382590.2268: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1392590.2268: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000032809d0
1402590.2268: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000032809d0
1412590.2268: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=99113493CCEA6CE03AD58304FCE46D35B665BC85
1422590.2268: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
1432590.2268: g_pfnWinVerifyTrust=000007fefd371010
1442590.2268: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003c0 pwszName=\Device\HarddiskVolume3\Windows\System32\crypt32.dll
1452590.2268: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000032809d0
1462590.2268: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000032809d0
1472590.2268: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFD41401EDEBD4D914977D62B588ECABEE60CFD3
1482590.2268: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
1492590.2268: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1502590.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1512590.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
1522590.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll) WinVerifyTrust
1532590.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
1542590.2268: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d8 pwszName=\Device\HarddiskVolume3\Windows\System32\wintrust.dll
1552590.2268: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000032809d0
1562590.2268: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000032809d0
1572590.2268: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E1BBE4EB6D114F50142F24E2E2749EFD81021486
1582590.2268: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
1592590.2268: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1602590.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1612590.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
1622590.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
1632590.2268: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1642590.2268: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll) WinVerifyTrust
1652590.2268: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
1662590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xfeb04c7efedfb800 O=Kaspersky Lab ZAO, CN=%PersonalRootCertificateName%
1672590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1682590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1692590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1702590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1712590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1722590.2268: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize City, O=DT Soft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=DT Soft Ltd
1732590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1742590.2268: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize city, O=Disc Soft Ltd, CN=Disc Soft Ltd, Email=finpr@disc-soft.com
1752590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xe840e6dbe281be00 C=IL, ST=Gush Dan, L=Hertzilia, O=GreenTeam Internet, Ltd., OU=Web, CN=cloudguard.me
1762590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1772590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1782590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xced08517f4c2a400 CN=localhost, O=Skype Click to Call, OU=Skype Click to Call
1792590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1802590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1812590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1822590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1832590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1842590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1852590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1862590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
1872590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1882590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1892590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1902590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1912590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1922590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1932590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1942590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1952590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1962590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1972590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1982590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1992590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
2002590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
2012590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
2022590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
2032590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xc66d30927ebce400 C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
2042590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
2052590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
2062590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
2072590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
2082590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
2092590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
2102590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
2112590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
2122590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
2132590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
2142590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
2152590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
2162590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x20b7075b3689b600 C=IL, O=StartCom Ltd., CN=StartCom Certification Authority G2
2172590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
2182590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
2192590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
2202590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
2212590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
2222590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
2232590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
2242590.2268: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
2252590.2268: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=57
2262590.2268: SUPR3HardenedMain: Load Runtime...
2272590.2268: SUPR3HardenedMain: Load TrustedMain...
2282590.2268: SUPR3HardenedMain: Calling TrustedMain (000007fee09510d0)...
2291960.2644: Log file opened: 5.0.14r105127 g_hStartupLog=00000000000000c8 g_uNtVerCombined=0x611db110
2301960.2644: \SystemRoot\System32\ntdll.dll:
2311960.2644: CreationTime: 2016-01-14T16:20:01.908282300Z
2321960.2644: LastWriteTime: 2015-12-30T19:05:33.659216000Z
2331960.2644: ChangeTime: 2016-01-14T16:39:40.974353400Z
2341960.2644: FileAttributes: 0x20
2351960.2644: Size: 0x1a67c0
2361960.2644: NT Headers: 0xe0
2371960.2644: Timestamp: 0x568429e5
2381960.2644: Machine: 0x8664 - amd64
2391960.2644: Timestamp: 0x568429e5
2401960.2644: Image Version: 6.1
2411960.2644: SizeOfImage: 0x1a9000 (1740800)
2421960.2644: Resource Dir: 0x14d000 LB 0x5a028
2431960.2644: ProductName: Microsoft® Windows® Operating System
2441960.2644: ProductVersion: 6.1.7601.19110
2451960.2644: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2461960.2644: FileDescription: NT Layer DLL
2471960.2644: \SystemRoot\System32\kernel32.dll:
2481960.2644: CreationTime: 2016-01-14T16:20:02.364308400Z
2491960.2644: LastWriteTime: 2015-12-30T18:57:55.730000000Z
2501960.2644: ChangeTime: 2016-01-14T16:39:41.067953600Z
2511960.2644: FileAttributes: 0x20
2521960.2644: Size: 0x11c000
2531960.2644: NT Headers: 0xe8
2541960.2644: Timestamp: 0x568429dc
2551960.2644: Machine: 0x8664 - amd64
2561960.2644: Timestamp: 0x568429dc
2571960.2644: Image Version: 6.1
2581960.2644: SizeOfImage: 0x11f000 (1175552)
2591960.2644: Resource Dir: 0x116000 LB 0x528
2601960.2644: ProductName: Microsoft® Windows® Operating System
2611960.2644: ProductVersion: 6.1.7601.19110
2621960.2644: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2631960.2644: FileDescription: Windows NT BASE API Client DLL
2641960.2644: \SystemRoot\System32\KernelBase.dll:
2651960.2644: CreationTime: 2016-01-14T16:20:01.135238100Z
2661960.2644: LastWriteTime: 2015-12-30T18:57:55.761000000Z
2671960.2644: ChangeTime: 2016-01-14T16:39:41.067953600Z
2681960.2644: FileAttributes: 0x20
2691960.2644: Size: 0x67a00
2701960.2644: NT Headers: 0xe8
2711960.2644: Timestamp: 0x568429dd
2721960.2644: Machine: 0x8664 - amd64
2731960.2644: Timestamp: 0x568429dd
2741960.2644: Image Version: 6.1
2751960.2644: SizeOfImage: 0x6c000 (442368)
2761960.2644: Resource Dir: 0x6a000 LB 0x530
2771960.2644: ProductName: Microsoft® Windows® Operating System
2781960.2644: ProductVersion: 6.1.7601.19110
2791960.2644: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2801960.2644: FileDescription: Windows NT BASE API Client DLL
2811960.2644: \SystemRoot\System32\apisetschema.dll:
2821960.2644: CreationTime: 2016-01-14T16:20:00.643210000Z
2831960.2644: LastWriteTime: 2015-12-30T18:54:58.839000000Z
2841960.2644: ChangeTime: 2016-01-14T16:39:40.958753400Z
2851960.2644: FileAttributes: 0x20
2861960.2644: Size: 0x1a00
2871960.2644: NT Headers: 0xc0
2881960.2644: Timestamp: 0x568428c9
2891960.2644: Machine: 0x8664 - amd64
2901960.2644: Timestamp: 0x568428c9
2911960.2644: Image Version: 6.1
2921960.2644: SizeOfImage: 0x50000 (327680)
2931960.2644: Resource Dir: 0x30000 LB 0x3f8
2941960.2644: ProductName: Microsoft® Windows® Operating System
2951960.2644: ProductVersion: 6.1.7601.19110
2961960.2644: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2971960.2644: FileDescription: ApiSet Schema DLL
2981960.2644: Found driver NisDrv (0x400)
2991960.2644: supR3HardenedWinFindAdversaries: 0x1400
3001960.2644: \SystemRoot\System32\drivers\MpFilter.sys:
3011960.2644: CreationTime: 2015-03-04T16:34:52.000000000Z
3021960.2644: LastWriteTime: 2015-03-04T16:34:52.000000000Z
3031960.2644: ChangeTime: 2015-08-12T16:13:16.404433700Z
3041960.2644: FileAttributes: 0x20
3051960.2644: Size: 0x44738
3061960.2644: NT Headers: 0xf0
3071960.2644: Timestamp: 0x54efb880
3081960.2644: Machine: 0x8664 - amd64
3091960.2644: Timestamp: 0x54efb880
3101960.2644: Image Version: 6.3
3111960.2644: SizeOfImage: 0x44000 (278528)
3121960.2644: Resource Dir: 0x42000 LB 0xd50
3131960.2644: ProductName: Microsoft Malware Protection
3141960.2644: ProductVersion: 4.8.0200.0
3151960.2644: FileVersion: 4.8.0200.0
3161960.2644: FileDescription: Microsoft antimalware file system filter driver
3171960.2644: \SystemRoot\System32\drivers\NisDrvWFP.sys:
3181960.2644: CreationTime: 2013-09-27T06:53:06.000000000Z
3191960.2644: LastWriteTime: 2015-03-04T16:34:52.000000000Z
3201960.2644: ChangeTime: 2015-08-12T16:13:16.314428500Z
3211960.2644: FileAttributes: 0x20
3221960.2644: Size: 0x1e698
3231960.2644: NT Headers: 0xf0
3241960.2644: Timestamp: 0x54efb8af
3251960.2644: Machine: 0x8664 - amd64
3261960.2644: Timestamp: 0x54efb8af
3271960.2644: Image Version: 6.3
3281960.2644: SizeOfImage: 0x1f000 (126976)
3291960.2644: Resource Dir: 0x1c000 LB 0x1b90
3301960.2644: ProductName: Microsoft Malware Protection
3311960.2644: ProductVersion: 4.8.0200.0
3321960.2644: FileVersion: 4.8.0200.0
3331960.2644: FileDescription: Microsoft Network Realtime Inspection Driver
3341960.2644: \SystemRoot\System32\AntiTheftCredentialProvider.dll:
3351960.2644: CreationTime: 2015-04-13T12:15:58.305930700Z
3361960.2644: LastWriteTime: 2014-08-13T08:21:10.000000000Z
3371960.2644: ChangeTime: 2015-04-13T12:15:23.263926400Z
3381960.2644: FileAttributes: 0x20
3391960.2644: Size: 0x9dc88
3401960.2644: NT Headers: 0x108
3411960.2644: Timestamp: 0x53eb1d24
3421960.2644: Machine: 0x8664 - amd64
3431960.2644: Timestamp: 0x53eb1d24
3441960.2644: Image Version: 1.0
3451960.2644: SizeOfImage: 0xa1000 (659456)
3461960.2644: Resource Dir: 0x8d000 LB 0x11498
3471960.2644: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
3481960.2644: Calling main()
3491960.2644: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
3501960.2644: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
3511960.2644: SUPR3HardenedMain: Respawn #1
3521960.2644: System32: \Device\HarddiskVolume3\Windows\System32
3531960.2644: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
3541960.2644: KnownDllPath: C:\Windows\system32
3551960.2644: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
3561960.2644: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
3571960.2644: supR3HardNtEnableThreadCreation:
3581960.2644: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007751b630 pvNtTerminateThread=000000007753dee0
3591960.2644: supR3HardenedWinDoReSpawn(1): New child 108c.2748 [kernel32].
3601960.2644: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdc000 cbPeb=0x380
3611960.2644: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000774f0000 uNtDllChildAddr=00000000774f0000
3621960.2644: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007751b630
3631960.2644: supR3HardenedWinSetupChildInit: Start child.
3641960.2644: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
3651960.2644: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 45 sleeps
3661960.2644: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3671960.2644: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
3681960.2644: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
3691960.2644: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
3701960.2644: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
3711960.2644: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
3721960.2644: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
3731960.2644: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
3741960.2644: 0000000000051000-ffffffffffe81fff 0x0001/0x0000 0x0000000
3751960.2644: *0000000000220000-0000000000123fff 0x0000/0x0004 0x0020000
3761960.2644: 000000000031c000-0000000000318fff 0x0104/0x0004 0x0020000
3771960.2644: 000000000031f000-000000000031dfff 0x0004/0x0004 0x0020000
3781960.2644: 0000000000320000-ffffffff8914ffff 0x0001/0x0000 0x0000000
3791960.2644: *00000000774f0000-00000000774f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3801960.2644: 00000000774f1000-00000000775eefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3811960.2644: 00000000775ef000-000000007761dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3821960.2644: 000000007761e000-0000000077625fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3831960.2644: 0000000077626000-0000000077626fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3841960.2644: 0000000077627000-0000000077629fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3851960.2644: 000000007762a000-0000000077698fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3861960.2644: 0000000077699000-000000006fd51fff 0x0001/0x0000 0x0000000
3871960.2644: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
3881960.2644: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
3891960.2644: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
3901960.2644: 000000007fff0000-ffffffffc076ffff 0x0001/0x0000 0x0000000
3911960.2644: *000000013f870000-000000013f870fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3921960.2644: 000000013f871000-000000013f8f7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3931960.2644: 000000013f8f8000-000000013f8f8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3941960.2644: 000000013f8f9000-000000013f943fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3951960.2644: 000000013f944000-000000013f944fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3961960.2644: 000000013f945000-000000013f945fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3971960.2644: 000000013f946000-000000013f94afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3981960.2644: 000000013f94b000-000000013f94bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
3991960.2644: 000000013f94c000-000000013f94cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4001960.2644: 000000013f94d000-000000013f950fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4011960.2644: 000000013f951000-000000013f99bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
4021960.2644: 000000013f99c000-fffff8037fb27fff 0x0001/0x0000 0x0000000
4031960.2644: *000007feff810000-000007feff810fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
4041960.2644: 000007feff811000-000007fdff071fff 0x0001/0x0000 0x0000000
4051960.2644: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
4061960.2644: 000007fffffd3000-000007fffffc9fff 0x0001/0x0000 0x0000000
4071960.2644: *000007fffffdc000-000007fffffdafff 0x0004/0x0004 0x0020000
4081960.2644: 000007fffffdd000-000007fffffdbfff 0x0001/0x0000 0x0000000
4091960.2644: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
4101960.2644: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
4111960.2644: apisetschema.dll: timestamp 0x568428c9 (rc=VINF_SUCCESS)
4121960.2644: VBoxHeadless.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
4131960.2644: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
4141960.2644: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
4151960.2644: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
4161960.2644: supR3HardNtChildPurify: Done after 528 ms and 0 fixes (loop #0).
417108c.2748: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
418108c.2748: supR3HardenedVmProcessInit: uNtDllAddr=00000000774f0000
419108c.2748: ntdll.dll: timestamp 0x568429e5 (rc=VINF_SUCCESS)
420108c.2748: New simple heap: #1 0000000000320000 LB 0x400000 (for 1740800 allocation)
4211960.2644: supR3HardNtEnableThreadCreation:
422108c.2748: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
423108c.2748: System32: \Device\HarddiskVolume3\Windows\System32
424108c.2748: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
425108c.2748: KnownDllPath: C:\Windows\system32
426108c.2748: supR3HardenedVmProcessInit: Opening vboxdrv stub...
427108c.2748: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
428108c.2748: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
429108c.2748: Registered Dll notification callback with NTDLL.
430108c.2748: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
431108c.2748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
432108c.2748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
433108c.2748: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
434108c.2748: supR3HardenedDllNotificationCallback: load 00000000773d0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
435108c.2748: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
436108c.2748: supR3HardenedDllNotificationCallback: load 000007fefd2f0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
437108c.2748: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
438108c.2748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
439108c.2748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000773d0000 'C:\Windows\system32\kernel32.dll'
440108c.2748: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007751b630 pvNtTerminateThread=000000007753dee0
4411960.2644: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 16 ms.
442108c.2748: \SystemRoot\System32\ntdll.dll:
443108c.2748: CreationTime: 2016-01-14T16:20:01.908282300Z
444108c.2748: LastWriteTime: 2015-12-30T19:05:33.659216000Z
445108c.2748: ChangeTime: 2016-01-14T16:39:40.974353400Z
446108c.2748: FileAttributes: 0x20
447108c.2748: Size: 0x1a67c0
448108c.2748: NT Headers: 0xe0
449108c.2748: Timestamp: 0x568429e5
450108c.2748: Machine: 0x8664 - amd64
451108c.2748: Timestamp: 0x568429e5
452108c.2748: Image Version: 6.1
453108c.2748: SizeOfImage: 0x1a9000 (1740800)
454108c.2748: Resource Dir: 0x14d000 LB 0x5a028
455108c.2748: ProductName: Microsoft® Windows® Operating System
456108c.2748: ProductVersion: 6.1.7601.19110
457108c.2748: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
458108c.2748: FileDescription: NT Layer DLL
459108c.2748: \SystemRoot\System32\kernel32.dll:
460108c.2748: CreationTime: 2016-01-14T16:20:02.364308400Z
461108c.2748: LastWriteTime: 2015-12-30T18:57:55.730000000Z
462108c.2748: ChangeTime: 2016-01-14T16:39:41.067953600Z
463108c.2748: FileAttributes: 0x20
464108c.2748: Size: 0x11c000
465108c.2748: NT Headers: 0xe8
466108c.2748: Timestamp: 0x568429dc
467108c.2748: Machine: 0x8664 - amd64
468108c.2748: Timestamp: 0x568429dc
469108c.2748: Image Version: 6.1
470108c.2748: SizeOfImage: 0x11f000 (1175552)
471108c.2748: Resource Dir: 0x116000 LB 0x528
472108c.2748: ProductName: Microsoft® Windows® Operating System
473108c.2748: ProductVersion: 6.1.7601.19110
474108c.2748: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
475108c.2748: FileDescription: Windows NT BASE API Client DLL
476108c.2748: \SystemRoot\System32\KernelBase.dll:
477108c.2748: CreationTime: 2016-01-14T16:20:01.135238100Z
478108c.2748: LastWriteTime: 2015-12-30T18:57:55.761000000Z
479108c.2748: ChangeTime: 2016-01-14T16:39:41.067953600Z
480108c.2748: FileAttributes: 0x20
481108c.2748: Size: 0x67a00
482108c.2748: NT Headers: 0xe8
483108c.2748: Timestamp: 0x568429dd
484108c.2748: Machine: 0x8664 - amd64
485108c.2748: Timestamp: 0x568429dd
486108c.2748: Image Version: 6.1
487108c.2748: SizeOfImage: 0x6c000 (442368)
488108c.2748: Resource Dir: 0x6a000 LB 0x530
489108c.2748: ProductName: Microsoft® Windows® Operating System
490108c.2748: ProductVersion: 6.1.7601.19110
491108c.2748: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
492108c.2748: FileDescription: Windows NT BASE API Client DLL
493108c.2748: \SystemRoot\System32\apisetschema.dll:
494108c.2748: CreationTime: 2016-01-14T16:20:00.643210000Z
495108c.2748: LastWriteTime: 2015-12-30T18:54:58.839000000Z
496108c.2748: ChangeTime: 2016-01-14T16:39:40.958753400Z
497108c.2748: FileAttributes: 0x20
498108c.2748: Size: 0x1a00
499108c.2748: NT Headers: 0xc0
500108c.2748: Timestamp: 0x568428c9
501108c.2748: Machine: 0x8664 - amd64
502108c.2748: Timestamp: 0x568428c9
503108c.2748: Image Version: 6.1
504108c.2748: SizeOfImage: 0x50000 (327680)
505108c.2748: Resource Dir: 0x30000 LB 0x3f8
506108c.2748: ProductName: Microsoft® Windows® Operating System
507108c.2748: ProductVersion: 6.1.7601.19110
508108c.2748: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
509108c.2748: FileDescription: ApiSet Schema DLL
510108c.2748: Found driver NisDrv (0x400)
511108c.2748: supR3HardenedWinFindAdversaries: 0x1400
512108c.2748: \SystemRoot\System32\drivers\MpFilter.sys:
513108c.2748: CreationTime: 2015-03-04T16:34:52.000000000Z
514108c.2748: LastWriteTime: 2015-03-04T16:34:52.000000000Z
515108c.2748: ChangeTime: 2015-08-12T16:13:16.404433700Z
516108c.2748: FileAttributes: 0x20
517108c.2748: Size: 0x44738
518108c.2748: NT Headers: 0xf0
519108c.2748: Timestamp: 0x54efb880
520108c.2748: Machine: 0x8664 - amd64
521108c.2748: Timestamp: 0x54efb880
522108c.2748: Image Version: 6.3
523108c.2748: SizeOfImage: 0x44000 (278528)
524108c.2748: Resource Dir: 0x42000 LB 0xd50
525108c.2748: ProductName: Microsoft Malware Protection
526108c.2748: ProductVersion: 4.8.0200.0
527108c.2748: FileVersion: 4.8.0200.0
528108c.2748: FileDescription: Microsoft antimalware file system filter driver
529108c.2748: \SystemRoot\System32\drivers\NisDrvWFP.sys:
530108c.2748: CreationTime: 2013-09-27T06:53:06.000000000Z
531108c.2748: LastWriteTime: 2015-03-04T16:34:52.000000000Z
532108c.2748: ChangeTime: 2015-08-12T16:13:16.314428500Z
533108c.2748: FileAttributes: 0x20
534108c.2748: Size: 0x1e698
535108c.2748: NT Headers: 0xf0
536108c.2748: Timestamp: 0x54efb8af
537108c.2748: Machine: 0x8664 - amd64
538108c.2748: Timestamp: 0x54efb8af
539108c.2748: Image Version: 6.3
540108c.2748: SizeOfImage: 0x1f000 (126976)
541108c.2748: Resource Dir: 0x1c000 LB 0x1b90
542108c.2748: ProductName: Microsoft Malware Protection
543108c.2748: ProductVersion: 4.8.0200.0
544108c.2748: FileVersion: 4.8.0200.0
545108c.2748: FileDescription: Microsoft Network Realtime Inspection Driver
546108c.2748: \SystemRoot\System32\AntiTheftCredentialProvider.dll:
547108c.2748: CreationTime: 2015-04-13T12:15:58.305930700Z
548108c.2748: LastWriteTime: 2014-08-13T08:21:10.000000000Z
549108c.2748: ChangeTime: 2015-04-13T12:15:23.263926400Z
550108c.2748: FileAttributes: 0x20
551108c.2748: Size: 0x9dc88
552108c.2748: NT Headers: 0x108
553108c.2748: Timestamp: 0x53eb1d24
554108c.2748: Machine: 0x8664 - amd64
555108c.2748: Timestamp: 0x53eb1d24
556108c.2748: Image Version: 1.0
557108c.2748: SizeOfImage: 0xa1000 (659456)
558108c.2748: Resource Dir: 0x8d000 LB 0x11498
559108c.2748: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
560108c.2748: Calling main()
561108c.2748: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
562108c.2748: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
563108c.2748: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
564108c.2748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
565108c.2748: SUPR3HardenedMain: Respawn #2
566108c.2748: supR3HardNtEnableThreadCreation:
567108c.2748: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)
568108c.2748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
569108c.2748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
570108c.2748: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
571108c.2748: supR3HardenedDllNotificationCallback: load 000007fefd180000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
572108c.2748: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
573108c.2748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\Windows\system32\apphelp.dll'
574108c.2748: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007751b630 pvNtTerminateThread=000000007753dee0
575108c.2748: supR3HardenedWinDoReSpawn(2): New child 26e8.17c0 [kernel32].
576108c.2748: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
577108c.2748: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000774f0000 uNtDllChildAddr=00000000774f0000
578108c.2748: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007751b630
579108c.2748: supR3HardenedWinSetupChildInit: Start child.
580108c.2748: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
581108c.2748: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 33 sleeps
582108c.2748: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
583108c.2748: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
584108c.2748: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
585108c.2748: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
586108c.2748: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
587108c.2748: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
588108c.2748: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
589108c.2748: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
590108c.2748: 0000000000051000-ffffffffffec1fff 0x0001/0x0000 0x0000000
591108c.2748: *00000000001e0000-00000000000e3fff 0x0000/0x0004 0x0020000
592108c.2748: 00000000002dc000-00000000002d8fff 0x0104/0x0004 0x0020000
593108c.2748: 00000000002df000-00000000002ddfff 0x0004/0x0004 0x0020000
594108c.2748: 00000000002e0000-ffffffff890cffff 0x0001/0x0000 0x0000000
595108c.2748: *00000000774f0000-00000000774f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
596108c.2748: 00000000774f1000-00000000775eefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
597108c.2748: 00000000775ef000-000000007761dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
598108c.2748: 000000007761e000-0000000077625fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
599108c.2748: 0000000077626000-0000000077626fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
600108c.2748: 0000000077627000-0000000077629fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
601108c.2748: 000000007762a000-0000000077698fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
602108c.2748: 0000000077699000-000000006fd51fff 0x0001/0x0000 0x0000000
603108c.2748: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
604108c.2748: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
605108c.2748: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
606108c.2748: 000000007fff0000-ffffffffc076ffff 0x0001/0x0000 0x0000000
607108c.2748: *000000013f870000-000000013f870fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
608108c.2748: 000000013f871000-000000013f8f7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
609108c.2748: 000000013f8f8000-000000013f8f8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
610108c.2748: 000000013f8f9000-000000013f943fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
611108c.2748: 000000013f944000-000000013f944fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
612108c.2748: 000000013f945000-000000013f945fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
613108c.2748: 000000013f946000-000000013f94afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
614108c.2748: 000000013f94b000-000000013f94bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
615108c.2748: 000000013f94c000-000000013f94cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
616108c.2748: 000000013f94d000-000000013f950fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
617108c.2748: 000000013f951000-000000013f99bfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
618108c.2748: 000000013f99c000-fffff8037fb27fff 0x0001/0x0000 0x0000000
619108c.2748: *000007feff810000-000007feff810fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apisetschema.dll
620108c.2748: 000007feff811000-000007fdff071fff 0x0001/0x0000 0x0000000
621108c.2748: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
622108c.2748: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
623108c.2748: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
624108c.2748: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
625108c.2748: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
626108c.2748: apisetschema.dll: timestamp 0x568428c9 (rc=VINF_SUCCESS)
627108c.2748: VBoxHeadless.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
628108c.2748: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
629108c.2748: '\Device\HarddiskVolume3\Windows\System32\apisetschema.dll' has no imports
630108c.2748: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
631108c.2748: supR3HardNtChildPurify: Done after 531 ms and 0 fixes (loop #0).
63226e8.17c0: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
63326e8.17c0: supR3HardenedVmProcessInit: uNtDllAddr=00000000774f0000
63426e8.17c0: ntdll.dll: timestamp 0x568429e5 (rc=VINF_SUCCESS)
63526e8.17c0: New simple heap: #1 00000000002e0000 LB 0x400000 (for 1740800 allocation)
636108c.2748: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000320000 LB 0x400000)
637108c.2748: supR3HardNtEnableThreadCreation:
63826e8.17c0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
63926e8.17c0: System32: \Device\HarddiskVolume3\Windows\System32
64026e8.17c0: WinSxS: \Device\HarddiskVolume3\Windows\winsxs
64126e8.17c0: KnownDllPath: C:\Windows\system32
64226e8.17c0: supR3HardenedVmProcessInit: Opening vboxdrv...
64326e8.17c0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
64426e8.17c0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
64526e8.17c0: Registered Dll notification callback with NTDLL.
64626e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
64726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
64826e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
64926e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
65026e8.17c0: supR3HardenedDllNotificationCallback: load 00000000773d0000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
65126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
65226e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd2f0000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
65326e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
65426e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
65526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000773d0000 'C:\Windows\system32\kernel32.dll'
65626e8.17c0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007751b630 pvNtTerminateThread=000000007753dee0
657108c.2748: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 15 ms.
65826e8.17c0: \SystemRoot\System32\ntdll.dll:
65926e8.17c0: CreationTime: 2016-01-14T16:20:01.908282300Z
66026e8.17c0: LastWriteTime: 2015-12-30T19:05:33.659216000Z
66126e8.17c0: ChangeTime: 2016-01-14T16:39:40.974353400Z
66226e8.17c0: FileAttributes: 0x20
66326e8.17c0: Size: 0x1a67c0
66426e8.17c0: NT Headers: 0xe0
66526e8.17c0: Timestamp: 0x568429e5
66626e8.17c0: Machine: 0x8664 - amd64
66726e8.17c0: Timestamp: 0x568429e5
66826e8.17c0: Image Version: 6.1
66926e8.17c0: SizeOfImage: 0x1a9000 (1740800)
67026e8.17c0: Resource Dir: 0x14d000 LB 0x5a028
67126e8.17c0: ProductName: Microsoft® Windows® Operating System
67226e8.17c0: ProductVersion: 6.1.7601.19110
67326e8.17c0: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
67426e8.17c0: FileDescription: NT Layer DLL
67526e8.17c0: \SystemRoot\System32\kernel32.dll:
67626e8.17c0: CreationTime: 2016-01-14T16:20:02.364308400Z
67726e8.17c0: LastWriteTime: 2015-12-30T18:57:55.730000000Z
67826e8.17c0: ChangeTime: 2016-01-14T16:39:41.067953600Z
67926e8.17c0: FileAttributes: 0x20
68026e8.17c0: Size: 0x11c000
68126e8.17c0: NT Headers: 0xe8
68226e8.17c0: Timestamp: 0x568429dc
68326e8.17c0: Machine: 0x8664 - amd64
68426e8.17c0: Timestamp: 0x568429dc
68526e8.17c0: Image Version: 6.1
68626e8.17c0: SizeOfImage: 0x11f000 (1175552)
68726e8.17c0: Resource Dir: 0x116000 LB 0x528
68826e8.17c0: ProductName: Microsoft® Windows® Operating System
68926e8.17c0: ProductVersion: 6.1.7601.19110
69026e8.17c0: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
69126e8.17c0: FileDescription: Windows NT BASE API Client DLL
69226e8.17c0: \SystemRoot\System32\KernelBase.dll:
69326e8.17c0: CreationTime: 2016-01-14T16:20:01.135238100Z
69426e8.17c0: LastWriteTime: 2015-12-30T18:57:55.761000000Z
69526e8.17c0: ChangeTime: 2016-01-14T16:39:41.067953600Z
69626e8.17c0: FileAttributes: 0x20
69726e8.17c0: Size: 0x67a00
69826e8.17c0: NT Headers: 0xe8
69926e8.17c0: Timestamp: 0x568429dd
70026e8.17c0: Machine: 0x8664 - amd64
70126e8.17c0: Timestamp: 0x568429dd
70226e8.17c0: Image Version: 6.1
70326e8.17c0: SizeOfImage: 0x6c000 (442368)
70426e8.17c0: Resource Dir: 0x6a000 LB 0x530
70526e8.17c0: ProductName: Microsoft® Windows® Operating System
70626e8.17c0: ProductVersion: 6.1.7601.19110
70726e8.17c0: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
70826e8.17c0: FileDescription: Windows NT BASE API Client DLL
70926e8.17c0: \SystemRoot\System32\apisetschema.dll:
71026e8.17c0: CreationTime: 2016-01-14T16:20:00.643210000Z
71126e8.17c0: LastWriteTime: 2015-12-30T18:54:58.839000000Z
71226e8.17c0: ChangeTime: 2016-01-14T16:39:40.958753400Z
71326e8.17c0: FileAttributes: 0x20
71426e8.17c0: Size: 0x1a00
71526e8.17c0: NT Headers: 0xc0
71626e8.17c0: Timestamp: 0x568428c9
71726e8.17c0: Machine: 0x8664 - amd64
71826e8.17c0: Timestamp: 0x568428c9
71926e8.17c0: Image Version: 6.1
72026e8.17c0: SizeOfImage: 0x50000 (327680)
72126e8.17c0: Resource Dir: 0x30000 LB 0x3f8
72226e8.17c0: ProductName: Microsoft® Windows® Operating System
72326e8.17c0: ProductVersion: 6.1.7601.19110
72426e8.17c0: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
72526e8.17c0: FileDescription: ApiSet Schema DLL
72626e8.17c0: Found driver NisDrv (0x400)
72726e8.17c0: supR3HardenedWinFindAdversaries: 0x1400
72826e8.17c0: \SystemRoot\System32\drivers\MpFilter.sys:
72926e8.17c0: CreationTime: 2015-03-04T16:34:52.000000000Z
73026e8.17c0: LastWriteTime: 2015-03-04T16:34:52.000000000Z
73126e8.17c0: ChangeTime: 2015-08-12T16:13:16.404433700Z
73226e8.17c0: FileAttributes: 0x20
73326e8.17c0: Size: 0x44738
73426e8.17c0: NT Headers: 0xf0
73526e8.17c0: Timestamp: 0x54efb880
73626e8.17c0: Machine: 0x8664 - amd64
73726e8.17c0: Timestamp: 0x54efb880
73826e8.17c0: Image Version: 6.3
73926e8.17c0: SizeOfImage: 0x44000 (278528)
74026e8.17c0: Resource Dir: 0x42000 LB 0xd50
74126e8.17c0: ProductName: Microsoft Malware Protection
74226e8.17c0: ProductVersion: 4.8.0200.0
74326e8.17c0: FileVersion: 4.8.0200.0
74426e8.17c0: FileDescription: Microsoft antimalware file system filter driver
74526e8.17c0: \SystemRoot\System32\drivers\NisDrvWFP.sys:
74626e8.17c0: CreationTime: 2013-09-27T06:53:06.000000000Z
74726e8.17c0: LastWriteTime: 2015-03-04T16:34:52.000000000Z
74826e8.17c0: ChangeTime: 2015-08-12T16:13:16.314428500Z
74926e8.17c0: FileAttributes: 0x20
75026e8.17c0: Size: 0x1e698
75126e8.17c0: NT Headers: 0xf0
75226e8.17c0: Timestamp: 0x54efb8af
75326e8.17c0: Machine: 0x8664 - amd64
75426e8.17c0: Timestamp: 0x54efb8af
75526e8.17c0: Image Version: 6.3
75626e8.17c0: SizeOfImage: 0x1f000 (126976)
75726e8.17c0: Resource Dir: 0x1c000 LB 0x1b90
75826e8.17c0: ProductName: Microsoft Malware Protection
75926e8.17c0: ProductVersion: 4.8.0200.0
76026e8.17c0: FileVersion: 4.8.0200.0
76126e8.17c0: FileDescription: Microsoft Network Realtime Inspection Driver
76226e8.17c0: \SystemRoot\System32\AntiTheftCredentialProvider.dll:
76326e8.17c0: CreationTime: 2015-04-13T12:15:58.305930700Z
76426e8.17c0: LastWriteTime: 2014-08-13T08:21:10.000000000Z
76526e8.17c0: ChangeTime: 2015-04-13T12:15:23.263926400Z
76626e8.17c0: FileAttributes: 0x20
76726e8.17c0: Size: 0x9dc88
76826e8.17c0: NT Headers: 0x108
76926e8.17c0: Timestamp: 0x53eb1d24
77026e8.17c0: Machine: 0x8664 - amd64
77126e8.17c0: Timestamp: 0x53eb1d24
77226e8.17c0: Image Version: 1.0
77326e8.17c0: SizeOfImage: 0xa1000 (659456)
77426e8.17c0: Resource Dir: 0x8d000 LB 0x11498
77526e8.17c0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
77626e8.17c0: Calling main()
77726e8.17c0: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0
77826e8.17c0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
77926e8.17c0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports
78026e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe)
78126e8.17c0: SUPR3HardenedMain: Final process, opening VBoxDrv...
78226e8.17c0: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002e0000 LB 0x400000)
78326e8.17c0: supR3HardNtEnableThreadCreation:
78426e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
78526e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
78626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d56f0:C:\Windows\system32 [calling]
78726e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
78826e8.17c0: supR3HardenedDllNotificationCallback: load 000007fef8650000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
78926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
79026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
79126e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
79226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8650000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
79326e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
79426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
79526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8650000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
79626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef8650000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
79726e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
79826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
79926e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
80026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
80126e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
80226e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
80326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
80426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
80526e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
80626e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
80726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
80826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
80926e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
81026e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
81126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
81226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
81326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
81426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
81526e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
81626e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
81726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
81826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
81926e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
82026e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
82126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
82226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
82326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
82426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
82526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
82626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
82726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d56f0:C:\Windows\system32 [calling]
82826e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
82926e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd370000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
83026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
83126e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd930000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
83226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
83326e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd4a0000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
83426e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
83526e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd290000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
83626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
83726e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe110000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
83826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
83926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\Wintrust.dll'
84026e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
84126e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
84226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000094b4f0:C:\Windows\system32 [calling]
84326e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
84426e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefcc00000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
84526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
84626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc00000 'C:\Windows\system32\bcrypt.dll'
84726e8.17c0: bcrypt.dll loaded at 000007fefcc00000, BCryptOpenAlgorithmProvider at 000007fefcc02640, preloading providers:
84826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
84926e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
85026e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
85126e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
85226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
85326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
85426e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
85526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
85626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
85726e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
85826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
85926e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
86026e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
86126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
86226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
86326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
86426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
86526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
86626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
86726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
86826e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
86926e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefc700000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
87026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
87126e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefdb60000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
87226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
87326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
87426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
87526e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
87626e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
87726e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe7f0000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
87826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
87926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc700000 'C:\Windows\system32\bcryptprimitives.dll'
88026e8.17c0: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000094cb90)
88126e8.17c0: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000094fa50)
88226e8.17c0: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000094fb70)
88326e8.17c0: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000094fd80)
88426e8.17c0: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000094fea0)
88526e8.17c0: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000094ffd0)
88626e8.17c0: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000950210)
88726e8.17c0: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000950330)
88826e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
88926e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
89026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
89126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
89226e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
89326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
89426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
89526e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
89626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
89726e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
89826e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefccc0000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
89926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
90026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccc0000 'C:\Windows\system32\CRYPTSP.dll'
90126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
90226e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
90326e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
90426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
90526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
90626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
90726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
90826e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
90926e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefc7a0000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
91026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
91126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc7a0000 'C:\Windows\system32\rsaenh.dll'
91226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
91326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
91426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb60000 'C:\Windows\system32\ADVAPI32.dll'
91526e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
91626e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
91726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
91826e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
91926e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd0d0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
92026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
92126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0d0000 'C:\Windows\system32\CRYPTBASE.dll'
92226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
92326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
92426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000773d0000 'C:\Windows\system32\kernel32.dll'
92526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
92626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
92726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\WINTRUST.DLL'
92826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
92926e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
93026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4a0000 'C:\Windows\system32\CRYPT32.dll'
93126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
93226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
93326e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
93426e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
93526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
93626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
93726e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
93826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
93926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
94026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
94126e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
94226e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
94326e8.17c0: supR3HardenedDllNotificationCallback: load 000007feff700000 LB 0x00019000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
94426e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
94526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff700000 'C:\Windows\system32\imagehlp.dll'
94626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
94726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
94826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccc0000 'C:\Windows\system32\CRYPTSP.dll'
94926e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
95026e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
95126e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
95226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
95326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
95426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
95526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
95626e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
95726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
95826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
95926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume3\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
96026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
96126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
96226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
96326e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\lpk.dll)
96426e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\lpk.dll
96526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
96626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
96726e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
96826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
96926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume3\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
97026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
97126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
97226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
97326e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\usp10.dll)
97426e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\usp10.dll
97526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
97626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
97726e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
97826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
97926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
98026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
98126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
98226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
98326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
98426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
98526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
98626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
98726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
98826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
98926e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
99026e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
99126e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
99226e8.17c0: supR3HardenedDllNotificationCallback: load 00000000772d0000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
99326e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
99426e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
99526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
99626e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd8b0000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
99726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\lpk.dll [lacks WinVerifyTrust]
99826e8.17c0: supR3HardenedDllNotificationCallback: load 000007feff720000 LB 0x000ca000 C:\Windows\system32\USP10.dll [fFlags=0x0]
99926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\usp10.dll [lacks WinVerifyTrust]
100026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
100126e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
100226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd8c0000 'C:\Windows\system32\gdi32.dll'
100326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
100426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
100526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
100626e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
100726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
100826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
100926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume3\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
101026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
101126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
101226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
101326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
101426e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
101526e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
101626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
101726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
101826e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
101926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
102026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
102126e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
102226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
102326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
102426e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
102526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
102626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
102726e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
102826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
102926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
103026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
103126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
103226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
103326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
103426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
103526e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
103626e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe760000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
103726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
103826e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe000000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
103926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust]
104026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe760000 'C:\Windows\system32\IMM32.DLL'
104126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772d0000 'C:\Windows\system32\USER32.dll'
104226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
104326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
104426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
104526e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ncrypt.dll)
104626e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ncrypt.dll
104726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
104826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
104926e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
105026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
105126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
105226e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
105326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
105426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
105526e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
105626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
105726e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
105826e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefcc30000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
105926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
106026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc30000 'C:\Windows\system32\ncrypt.dll'
106126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
106226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
106326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc00000 'C:\Windows\system32\bcrypt.dll'
106426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
106526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
106626e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
106726e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\userenv.dll)
106826e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
106926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
107026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
107126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
107226e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
107326e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
107426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
107526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
107626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
107726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
107826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
107926e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
108026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
108126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
108226e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
108326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
108426e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [lacks WinVerifyTrust]
108526e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd3c0000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
108626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [lacks WinVerifyTrust]
108726e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd2a0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
108826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
108926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'C:\Windows\system32\USERENV.dll'
109026e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
109126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
109226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
109326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
109426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
109526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
109626e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
109726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
109826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
109926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
110026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
110126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
110226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
110326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
110426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
110526e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
110626e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefc600000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
110726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
110826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc600000 'C:\Windows\system32\GPAPI.dll'
110926e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
111026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
111126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
111226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
111326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe110000 'C:\Windows\system32\rpcrt4.dll'
111426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
111526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
111626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
111726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
111826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
111926e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
112026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
112126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
112226e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
112326e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
112426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
112526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
112626e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
112726e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\Wldap32.dll)
112826e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Wldap32.dll
112926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
113026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
113126e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
113226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
113326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
113426e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
113526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
113626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
113726e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
113826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
113926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
114026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
114126e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
114226e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
114326e8.17c0: supR3HardenedDllNotificationCallback: load 000007fef7c50000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
114426e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
114526e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe790000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
114626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
114726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
114826e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
114926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
115026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
115126e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
115226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
115326e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
115426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
115526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
115626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
115726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
115826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
115926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
116026e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
116126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
116226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
116326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
116426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
116526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
116626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
116726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
116826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
116926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
117026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
117126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
117226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
117326e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
117426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
117526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
117626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
117726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7c50000 'C:\Windows\system32\cryptnet.dll'
117826e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
117926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
118026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
118126e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
118226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2a0000 'C:\Windows\system32\profapi.dll'
118326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
118426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
118526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
118626e8.17c0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
118726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
118826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
118926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
119026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
119126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
119226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
119326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
119426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
119526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
119626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
119726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
119826e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
119926e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe8f0000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
120026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
120126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe8f0000 'C:\Windows\system32\SHLWAPI.dll'
120226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
120326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000002693db0
120426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
120526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=99113493CCEA6CE03AD58304FCE46D35B665BC85
120626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
120726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
120826e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
120926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
121026e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
121126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
121226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
121326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
121426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb60000 'C:\Windows\system32\ADVAPI32.dll'
121526e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
121626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
121726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
121826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe7f0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
121926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
122026e8.17c0: g_pfnWinVerifyTrust=000007fefd371010
122126e8.17c0: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
122226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume3\Windows\System32\crypt32.dll
122326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
122426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
122526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BFD41401EDEBD4D914977D62B588ECABEE60CFD3
122626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_112_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
122726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
122826e8.17c0: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
122926e8.17c0: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
123026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume3\Windows\System32\wintrust.dll
123126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
123226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
123326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E1BBE4EB6D114F50142F24E2E2749EFD81021486
123426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
123526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
123626e8.17c0: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
123726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003c4 pwszName=\Device\HarddiskVolume3\Windows\System32\shlwapi.dll
123826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
123926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
124026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
124126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
124226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
124326e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
124426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b8 pwszName=\Device\HarddiskVolume3\Windows\System32\Wldap32.dll
124526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
124626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
124726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
124826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
124926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
125026e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Wldap32.dll'
125126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003b4 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
125226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
125326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
125426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=756DC088EE40CF9369C990D71B200F3CB59FC35D
125526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_75_for_KB3040272~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
125626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
125726e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
125826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000270 pwszName=\Device\HarddiskVolume3\Windows\System32\gpapi.dll
125926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
126026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
126126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
126226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
126326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
126426e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
126526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001dc pwszName=\Device\HarddiskVolume3\Windows\System32\profapi.dll
126626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
126726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
126826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
126926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\profapi.dll'
127026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
127126e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
127226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d8 pwszName=\Device\HarddiskVolume3\Windows\System32\userenv.dll
127326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
127426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
127526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
127626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\userenv.dll'
127726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
127826e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll'
127926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume3\Windows\System32\ncrypt.dll
128026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
128126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
128226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AF6214D5B4EE4D004FA11B4426B0E781D4E918A9
128326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\ncrypt.dll'
128426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
128526e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ncrypt.dll'
128626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a8 pwszName=\Device\HarddiskVolume3\Windows\System32\msctf.dll
128726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
128826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
128926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
129026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\msctf.dll'
129126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
129226e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
129326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume3\Windows\System32\imm32.dll
129426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
129526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
129626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
129726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\imm32.dll'
129826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
129926e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
130026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a0 pwszName=\Device\HarddiskVolume3\Windows\System32\usp10.dll
130126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
130226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
130326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31498ABFB06219E83141E0AA8B2A55C4CECFD033
130426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\usp10.dll'
130526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
130626e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\usp10.dll'
130726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000019c pwszName=\Device\HarddiskVolume3\Windows\System32\lpk.dll
130826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
130926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
131026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FDBA63132AE4F561C5CFC5478222E40A2DAA2ACC
131126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume3\Windows\System32\lpk.dll'
131226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
131326e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\lpk.dll'
131426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000198 pwszName=\Device\HarddiskVolume3\Windows\System32\gdi32.dll
131526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
131626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
131726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E200CE23C0ADD95195EBA5616D50363CEA00DB25
131826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3124001~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
131926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
132026e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
132126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume3\Windows\System32\user32.dll
132226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
132326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
132426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=94AFB7B548C6C2376C6AEE4ECE2FA09C90F5FD4B
132526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\user32.dll'
132626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
132726e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
132826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume3\Windows\System32\imagehlp.dll
132926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
133026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
133126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
133226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
133326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
133426e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
133526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000134 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptbase.dll
133626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
133726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
133826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C369CA0A282E9201E8C3399DEF1010F6DC0676FA
133926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
134026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
134126e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
134226e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
134326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptsp.dll
134426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
134526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
134626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
134726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
134826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
134926e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
135026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000124 pwszName=\Device\HarddiskVolume3\Windows\System32\sechost.dll
135126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
135226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
135326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CB669FA8DB80F8E50A29D055BB8D558E10E5E6B4
135426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_85_for_KB3068708~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\sechost.dll'
135526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
135626e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
135726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume3\Windows\System32\advapi32.dll
135826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
135926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
136026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6964F437558F504725B2BE66A35240231044644F
136126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3121918~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
136226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
136326e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
136426e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
136526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000108 pwszName=\Device\HarddiskVolume3\Windows\System32\bcrypt.dll
136626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
136726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
136826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
136926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
137026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
137126e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
137226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e8 pwszName=\Device\HarddiskVolume3\Windows\System32\msvcrt.dll
137326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
137426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
137526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
137626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
137726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
137826e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
137926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume3\Windows\System32\msasn1.dll
138026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
138126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
138226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
138326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
138426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
138526e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
138626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
138726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
138826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
138926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DA2C80E31A4EEBFA49ACC284D4C1B701145978CB
139026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
139126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
139226e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
139326e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
139426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume3\Windows\System32\KernelBase.dll
139526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
139626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
139726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=345936918DE59E26BE1BF613500ED5E48C26873F
139826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
139926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
140026e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
140126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume3\Windows\System32\kernel32.dll
140226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
140326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
140426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C5B3709F99BA1F5F78D42BD62B72E557388B5AE0
140526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
140626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
140726e8.17c0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
140826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
140926e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000268ecc0:C:\Windows\system32 [calling]
141026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4a0000 'C:\Windows\system32\crypt32.dll'
141126e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xfeb04c7efedfb800 O=Kaspersky Lab ZAO, CN=%PersonalRootCertificateName%
141226e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
141326e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
141426e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
141526e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
141626e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
141726e8.17c0: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize City, O=DT Soft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=DT Soft Ltd
141826e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
141926e8.17c0: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize city, O=Disc Soft Ltd, CN=Disc Soft Ltd, Email=finpr@disc-soft.com
142026e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xe840e6dbe281be00 C=IL, ST=Gush Dan, L=Hertzilia, O=GreenTeam Internet, Ltd., OU=Web, CN=cloudguard.me
142126e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
142226e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
142326e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xced08517f4c2a400 CN=localhost, O=Skype Click to Call, OU=Skype Click to Call
142426e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
142526e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
142626e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
142726e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
142826e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
142926e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
143026e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
143126e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
143226e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
143326e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
143426e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
143526e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
143626e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
143726e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
143826e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
143926e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
144026e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
144126e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
144226e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
144326e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
144426e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
144526e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
144626e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
144726e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
144826e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xc66d30927ebce400 C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
144926e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
145026e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
145126e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
145226e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
145326e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
145426e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
145526e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
145626e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
145726e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
145826e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
145926e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
146026e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
146126e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x20b7075b3689b600 C=IL, O=StartCom Ltd., CN=StartCom Certification Authority G2
146226e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
146326e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
146426e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x92ac5ed85c2d0e9b C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2007 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G4
146526e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
146626e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
146726e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
146826e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
146926e8.17c0: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
147026e8.17c0: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=57
147126e8.17c0: SUPR3HardenedMain: Load Runtime...
147226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
147326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
147426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
147526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
147626e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
147726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
147826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
147926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
148026e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
148126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
148226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
148326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume3\Windows\System32\ws2_32.dll
148426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
148526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
148626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
148726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\ws2_32.dll'
148826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
148926e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
149026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
149126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
149226e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
149326e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
149426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
149526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
149626e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
149726e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
149826e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
149926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
150026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
150126e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
150226e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
150326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
150426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
150526e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
150626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
150726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
150826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000458 pwszName=\Device\HarddiskVolume3\Windows\System32\nsi.dll
150926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
151026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
151126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
151226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\nsi.dll'
151326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
151426e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll) WinVerifyTrust
151526e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
151626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
151726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
151826e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
151926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
152026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
152126e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
152226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000982de0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
152326e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
152426e8.17c0: supR3HardenedDllNotificationCallback: load 000007fee2270000 LB 0x00562000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
152526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
152626e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
152726e8.17c0: supR3HardenedDllNotificationCallback: load 0000000050190000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
152826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
152926e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
153026e8.17c0: supR3HardenedDllNotificationCallback: load 00000000502b0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
153126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
153226e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefdf10000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
153326e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
153426e8.17c0: supR3HardenedDllNotificationCallback: load 000007feff7f0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
153526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
153626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
153726e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
153826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
153926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
154026e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
154126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
154226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
154326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
154426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
154526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
154626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
154726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
154826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
154926e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
155026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
155226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
155326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
155926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156126e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
156226e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
156326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
156926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157626e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157826e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
157926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
158026e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008d6610:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Windows\System32;C:\Program Files (x86)\Java\jre7\bin;C:\Windows;C:\Windows\System32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Git\cmd;C:\Program Files (x86)\CMake\bin;D:\mobileFX\Projects\Software\Coconut\Libs\node-v5.5.0\Release;e:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\nodejs\x86;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft SQL Server\110\Tools\Binn;C:\Program Files\Microsoft SQL Server\120\Tools\Binn;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\emsdk\python\2.7.5.3_32bit;D:\mobileFX\Projects\Software\Coconut\IDE\Studio;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\Apache\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\curl\bin;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\jq;D:\mobileFX\Projects\Software\Coconut\IDE\Studio\etc\3rd_party\MinGW\bin;D:\mobileFX\Projects\Software\Intralot\iRGS\3rd_party\node.js\Release\node_modules\.bin;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\SSH Secure Shell;C:\Users\Administrator\AppData\Local\Pandoc\ [calling]
158126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
158226e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
158326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
158426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee2270000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
158526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
158626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002717f70:C:\Windows\system32 [calling]
158726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd370000 'C:\Windows\system32\Wintrust.dll'
158826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
158926e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002717f70:C:\Windows\system32 [calling]
159026e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4a0000 'C:\Windows\system32\crypt32.dll'
159126e8.17c0: SUPR3HardenedMain: Load TrustedMain...
159226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
159326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
159426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
159526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
159626e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxrt.dll'.
159726e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
159826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
159926e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll) WinVerifyTrust
160026e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll
160126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
160226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
160326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
160426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
160526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
160626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
160726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
160826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
160926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
161026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
161126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume3\Windows\System32\oleaut32.dll
161226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
161326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
161426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8A837B0D823EB506C6A4C447C1962174D27ED954
161526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3020338~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\oleaut32.dll'
161626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
161726e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
161826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
161926e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
162026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
162126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
162226e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
162326e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
162426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
162526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
162626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d4 pwszName=\Device\HarddiskVolume3\Windows\System32\ole32.dll
162726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
162826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
162926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E93C1851E5754D607F55581B4DE2A30B711C830
163026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume3\Windows\System32\ole32.dll'
163126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
163226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
163326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
163426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
163526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
163626e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
163726e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
163826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
163926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
164026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
164126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
164226e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
164326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
164426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
164526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
164626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
164726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
164826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
164926e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
165026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
165126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
165226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
165326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
165426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
165526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
165626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
165726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
165826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
165926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
166026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
166126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
166226e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
166326e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000982de0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
166426e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll
166526e8.17c0: supR3HardenedDllNotificationCallback: load 000007fee62e0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll [fFlags=0x0]
166626e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll
166726e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe2e0000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
166826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
166926e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe810000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
167026e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
167126e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee62e0000 'C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll'
167226e8.17c0: SUPR3HardenedMain: Calling TrustedMain (000007fee62ea000)...
167326e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
167426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000982de0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
167526e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0d0000 'C:\Windows\system32\CRYPTBASE.dll'
167626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000508 pwszName=\Device\HarddiskVolume3\Windows\System32\clbcatq.dll
167726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
167826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
167926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
168026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
168126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
168226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
168326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
168426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
168526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
168626e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
168726e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
168826e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll) WinVerifyTrust
168926e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
169026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
169126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
169226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
169326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
169426e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
169526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
169626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
169726e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
169826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
169926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
170026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
170126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
170226e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
170326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
170426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
170526e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000982de0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
170626e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
170726e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefe240000 LB 0x00099000 C:\Windows\system32\CLBCatQ.DLL [fFlags=0x0]
170826e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
170926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe240000 'C:\Windows\system32\CLBCatQ.DLL'
171026e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
171126e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
171226e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
171326e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
171426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
171526e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
171626e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
171726e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
171826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
171926e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
172026e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
172126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
172226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
172326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
172426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
172526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
172626e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
172726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
172826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
172926e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
173026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
173126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
173226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000518 pwszName=\Device\HarddiskVolume3\Windows\System32\version.dll
173326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
173426e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
173526e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
173626e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\version.dll'
173726e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
173826e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
173926e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll) WinVerifyTrust
174026e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
174126e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
174226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
174326e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
174426e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
174526e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
174626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
174726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
174826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000053c pwszName=\Device\HarddiskVolume3\Windows\System32\psapi.dll
174926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
175026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
175126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=561BAAB249C395B66D294444DF251EDB701DB607
175226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume3\Windows\System32\psapi.dll'
175326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
175426e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll) WinVerifyTrust
175526e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
175626e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
175726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
175826e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
175926e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
176026e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
176126e8.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
176226e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
176326e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
176426e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000009be890:C:\Program Files\Oracle\VirtualBox;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
176526e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
176626e8.17c0: supR3HardenedDllNotificationCallback: load 000007fee1c90000 LB 0x005d8000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
176726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
176826e8.17c0: supR3HardenedDllNotificationCallback: load 00000000776c0000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0]
176926e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
177026e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
177126e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefc3f0000 LB 0x0000c000 C:\Windows\system32\VERSION.dll [fFlags=0x0]
177226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
177326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee1c90000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
177426e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb60000 'C:\Windows\system32\ADVAPI32.dll'
177526e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
177626e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000983410:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
177726e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccc0000 'C:\Windows\system32\CRYPTSP.dll'
177826e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000538 pwszName=\Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
177926e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002693db0
178026e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002693db0
178126e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
178226e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll'
178326e8.17c0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
178426e8.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
178526e8.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
178626e8.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
178726e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
178826e8.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
178926e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000983410:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
179026e8.17c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
179126e8.17c0: supR3HardenedDllNotificationCallback: load 000007fefd1e0000 LB 0x00014000 C:\Windows\system32\RpcRtRemote.dll [fFlags=0x0]
179226e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\RpcRtRemote.dll
179326e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1e0000 'C:\Windows\system32\RpcRtRemote.dll'
179426e8.17c0: supR3HardenedDllNotificationCallback: Unload 000007fee1c90000 LB 0x005d8000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
179526e8.17c0: supR3HardenedDllNotificationCallback: Unload 000007fefc3f0000 LB 0x0000c000 C:\Windows\system32\VERSION.dll [flags=0x0]
179626e8.17c0: supR3HardenedDllNotificationCallback: Unload 00000000776c0000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [flags=0x0]
179726e8.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
179826e8.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000982de0:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
179926e8.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe810000 'C:\Windows\system32\OLEAUT32.dll'
180026e8.17c0: Terminating the normal way: rcExit=1
1801108c.2748: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 421 ms, the end);
18021960.2644: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 982 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy