VirtualBox

Ticket #15091: VBoxHardening.log

File VBoxHardening.log, 370.8 KB (added by Oregszun, 9 years ago)
Line 
11538.294c: Log file opened: 5.0.14r105127 g_hStartupLog=00000000000000ac g_uNtVerCombined=0x611db110
21538.294c: \SystemRoot\System32\ntdll.dll:
31538.294c: CreationTime: 2016-01-25T07:07:40.694426300Z
41538.294c: LastWriteTime: 2015-12-30T19:05:33.659216000Z
51538.294c: ChangeTime: 2016-01-25T15:33:35.009572000Z
61538.294c: FileAttributes: 0x20
71538.294c: Size: 0x1a67c0
81538.294c: NT Headers: 0xe0
91538.294c: Timestamp: 0x568429e5
101538.294c: Machine: 0x8664 - amd64
111538.294c: Timestamp: 0x568429e5
121538.294c: Image Version: 6.1
131538.294c: SizeOfImage: 0x1a9000 (1740800)
141538.294c: Resource Dir: 0x14d000 LB 0x5a028
151538.294c: ProductName: Microsoft® Windows® Operating System
161538.294c: ProductVersion: 6.1.7601.19110
171538.294c: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
181538.294c: FileDescription: NT Layer DLL
191538.294c: \SystemRoot\System32\kernel32.dll:
201538.294c: CreationTime: 2016-01-25T07:07:40.552355300Z
211538.294c: LastWriteTime: 2015-12-30T18:57:55.730000000Z
221538.294c: ChangeTime: 2016-01-25T15:33:35.430487800Z
231538.294c: FileAttributes: 0x20
241538.294c: Size: 0x11c000
251538.294c: NT Headers: 0xe8
261538.294c: Timestamp: 0x568429dc
271538.294c: Machine: 0x8664 - amd64
281538.294c: Timestamp: 0x568429dc
291538.294c: Image Version: 6.1
301538.294c: SizeOfImage: 0x11f000 (1175552)
311538.294c: Resource Dir: 0x116000 LB 0x528
321538.294c: ProductName: Microsoft® Windows® Operating System
331538.294c: ProductVersion: 6.1.7601.19110
341538.294c: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
351538.294c: FileDescription: Windows NT BASE API Client DLL
361538.294c: \SystemRoot\System32\KernelBase.dll:
371538.294c: CreationTime: 2016-01-25T07:07:41.914035800Z
381538.294c: LastWriteTime: 2015-12-30T18:57:55.761000000Z
391538.294c: ChangeTime: 2016-01-25T15:33:35.444485000Z
401538.294c: FileAttributes: 0x20
411538.294c: Size: 0x67a00
421538.294c: NT Headers: 0xe8
431538.294c: Timestamp: 0x568429dd
441538.294c: Machine: 0x8664 - amd64
451538.294c: Timestamp: 0x568429dd
461538.294c: Image Version: 6.1
471538.294c: SizeOfImage: 0x6c000 (442368)
481538.294c: Resource Dir: 0x6a000 LB 0x530
491538.294c: ProductName: Microsoft® Windows® Operating System
501538.294c: ProductVersion: 6.1.7601.19110
511538.294c: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
521538.294c: FileDescription: Windows NT BASE API Client DLL
531538.294c: \SystemRoot\System32\apisetschema.dll:
541538.294c: CreationTime: 2016-01-25T07:07:43.425791300Z
551538.294c: LastWriteTime: 2015-12-30T18:54:58.839000000Z
561538.294c: ChangeTime: 2016-01-25T15:33:34.910591800Z
571538.294c: FileAttributes: 0x20
581538.294c: Size: 0x1a00
591538.294c: NT Headers: 0xc0
601538.294c: Timestamp: 0x568428c9
611538.294c: Machine: 0x8664 - amd64
621538.294c: Timestamp: 0x568428c9
631538.294c: Image Version: 6.1
641538.294c: SizeOfImage: 0x50000 (327680)
651538.294c: Resource Dir: 0x30000 LB 0x3f8
661538.294c: ProductName: Microsoft® Windows® Operating System
671538.294c: ProductVersion: 6.1.7601.19110
681538.294c: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
691538.294c: FileDescription: ApiSet Schema DLL
701538.294c: Found driver mfewfpk (0x20)
711538.294c: Found driver mfehidk (0x20)
721538.294c: Found driver mfeavfk (0x20)
731538.294c: Found driver mfefirek (0x20)
741538.294c: supR3HardenedWinFindAdversaries: 0x20
751538.294c: \SystemRoot\System32\drivers\mfeapfk.sys:
761538.294c: CreationTime: 2015-04-28T19:25:19.881745800Z
771538.294c: LastWriteTime: 2015-07-20T11:05:21.075323300Z
781538.294c: ChangeTime: 2015-07-20T11:05:21.075323300Z
791538.294c: FileAttributes: 0x20
801538.294c: Size: 0x2f000
811538.294c: NT Headers: 0xf0
821538.294c: Timestamp: 0x54cbd0b9
831538.294c: Machine: 0x8664 - amd64
841538.294c: Timestamp: 0x54cbd0b9
851538.294c: Image Version: 0.0
861538.294c: SizeOfImage: 0x2cc80 (183424)
871538.294c: Resource Dir: 0x2c480 LB 0x340
881538.294c: ProductName: SYSCORE
891538.294c: FileVersion: SYSCORE.15.3.0.672
901538.294c: PrivateBuild: SYSCORE.15.3.0.672 F16
911538.294c: FileDescription: Access Protection Filter Driver
921538.294c: \SystemRoot\System32\drivers\mfeavfk.sys:
931538.294c: CreationTime: 2015-04-28T19:25:19.816288600Z
941538.294c: LastWriteTime: 2016-01-18T09:36:27.731375400Z
951538.294c: ChangeTime: 2016-01-18T09:36:43.469949100Z
961538.294c: FileAttributes: 0x20
971538.294c: Size: 0x54e98
981538.294c: NT Headers: 0xf8
991538.294c: Timestamp: 0x558ddc3c
1001538.294c: Machine: 0x8664 - amd64
1011538.294c: Timestamp: 0x558ddc3c
1021538.294c: Image Version: 0.0
1031538.294c: SizeOfImage: 0x50580 (329088)
1041538.294c: Resource Dir: 0x4f700 LB 0x758
1051538.294c: ProductName: SYSCORE
1061538.294c: ProductVersion: 15.4.0.674
1071538.294c: FileVersion: SYSCORE.15.4.0.674
1081538.294c: PrivateBuild: SYSCORE.15.4.0.674 F15,F16,F19
1091538.294c: FileDescription: Anti-Virus File System Filter Driver
1101538.294c: \SystemRoot\System32\drivers\mfefirek.sys:
1111538.294c: CreationTime: 2015-04-29T01:18:11.945728500Z
1121538.294c: LastWriteTime: 2015-07-20T11:05:21.452361000Z
1131538.294c: ChangeTime: 2015-07-20T11:05:21.452361000Z
1141538.294c: FileAttributes: 0x20
1151538.294c: Size: 0x827c8
1161538.294c: NT Headers: 0xe8
1171538.294c: Timestamp: 0x54cbd128
1181538.294c: Machine: 0x8664 - amd64
1191538.294c: Timestamp: 0x54cbd128
1201538.294c: Image Version: 0.0
1211538.294c: SizeOfImage: 0x7fc80 (523392)
1221538.294c: Resource Dir: 0x7d280 LB 0x350
1231538.294c: ProductName: SYSCORE
1241538.294c: FileVersion: SYSCORE.15.3.0.672
1251538.294c: PrivateBuild: SYSCORE.15.3.0.672 F17,F18
1261538.294c: FileDescription: McAfee Core Firewall Engine Driver
1271538.294c: \SystemRoot\System32\drivers\mfehidk.sys:
1281538.294c: CreationTime: 2015-04-28T19:25:19.521731200Z
1291538.294c: LastWriteTime: 2016-01-18T09:36:27.680370300Z
1301538.294c: ChangeTime: 2016-01-18T09:36:27.680370300Z
1311538.294c: FileAttributes: 0x20
1321538.294c: Size: 0xd5d98
1331538.294c: NT Headers: 0x108
1341538.294c: Timestamp: 0x558ddbf8
1351538.294c: Machine: 0x8664 - amd64
1361538.294c: Timestamp: 0x558ddbf8
1371538.294c: Image Version: 0.0
1381538.294c: SizeOfImage: 0xd0880 (854144)
1391538.294c: Resource Dir: 0xcd980 LB 0x758
1401538.294c: ProductName: SYSCORE
1411538.294c: ProductVersion: 15.4.0.674
1421538.294c: FileVersion: SYSCORE.15.4.0.674
1431538.294c: PrivateBuild: SYSCORE.15.4.0.674 F14,F15,F16,F18,F20
1441538.294c: FileDescription: McAfee Link Driver
1451538.294c: \SystemRoot\System32\drivers\mfewfpk.sys:
1461538.294c: CreationTime: 2015-04-28T19:25:16.134321100Z
1471538.294c: LastWriteTime: 2015-07-20T11:05:21.264342200Z
1481538.294c: ChangeTime: 2015-07-20T11:05:21.264342200Z
1491538.294c: FileAttributes: 0x20
1501538.294c: Size: 0x55510
1511538.294c: NT Headers: 0xf0
1521538.294c: Timestamp: 0x54cbd080
1531538.294c: Machine: 0x8664 - amd64
1541538.294c: Timestamp: 0x54cbd080
1551538.294c: Image Version: 0.0
1561538.294c: SizeOfImage: 0x52e00 (339456)
1571538.294c: Resource Dir: 0x52280 LB 0x348
1581538.294c: ProductName: SYSCORE
1591538.294c: FileVersion: SYSCORE.15.3.0.672
1601538.294c: PrivateBuild: SYSCORE.15.3.0.672 F17,F18
1611538.294c: FileDescription: Anti-Virus Mini-Firewall Driver
1621538.294c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1631538.294c: Calling main()
1641538.294c: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1651538.294c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
1661538.294c: SUPR3HardenedMain: Respawn #1
1671538.294c: System32: \Device\HarddiskVolume2\Windows\System32
1681538.294c: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
1691538.294c: KnownDllPath: C:\windows\system32
1701538.294c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
1711538.294c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
1721538.294c: supR3HardNtEnableThreadCreation:
1731538.294c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000773fb630 pvNtTerminateThread=000000007741dee0
1741538.294c: supR3HardenedWinDoReSpawn(1): New child 1328.2e80 [kernel32].
1751538.294c: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdf000 cbPeb=0x380
1761538.294c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000773d0000 uNtDllChildAddr=00000000773d0000
1771538.294c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000773fb630
1781538.294c: supR3HardenedWinSetupChildInit: Start child.
1791538.294c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1801538.294c: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 63 sleeps
1811538.294c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1821538.294c: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
1831538.294c: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
1841538.294c: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
1851538.294c: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
1861538.294c: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
1871538.294c: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
1881538.294c: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
1891538.294c: 0000000000051000-ffffffffffef1fff 0x0001/0x0000 0x0000000
1901538.294c: *00000000001b0000-00000000000b3fff 0x0000/0x0004 0x0020000
1911538.294c: 00000000002ac000-00000000002a8fff 0x0104/0x0004 0x0020000
1921538.294c: 00000000002af000-00000000002adfff 0x0004/0x0004 0x0020000
1931538.294c: 00000000002b0000-ffffffff8918ffff 0x0001/0x0000 0x0000000
1941538.294c: *00000000773d0000-00000000773d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1951538.294c: 00000000773d1000-00000000774cefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1961538.294c: 00000000774cf000-00000000774fdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1971538.294c: 00000000774fe000-0000000077505fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1981538.294c: 0000000077506000-0000000077506fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
1991538.294c: 0000000077507000-0000000077509fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2001538.294c: 000000007750a000-0000000077578fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2011538.294c: 0000000077579000-000000006fb11fff 0x0001/0x0000 0x0000000
2021538.294c: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
2031538.294c: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
2041538.294c: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
2051538.294c: 000000007fff0000-ffffffffc0d0ffff 0x0001/0x0000 0x0000000
2061538.294c: *000000013f2d0000-000000013f2d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2071538.294c: 000000013f2d1000-000000013f357fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2081538.294c: 000000013f358000-000000013f358fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2091538.294c: 000000013f359000-000000013f3a3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2101538.294c: 000000013f3a4000-000000013f3a4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2111538.294c: 000000013f3a5000-000000013f3a5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2121538.294c: 000000013f3a6000-000000013f3aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2131538.294c: 000000013f3ab000-000000013f3abfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2141538.294c: 000000013f3ac000-000000013f3acfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2151538.294c: 000000013f3ad000-000000013f3b0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2161538.294c: 000000013f3b1000-000000013f3fbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
2171538.294c: 000000013f3fc000-fffff8037f107fff 0x0001/0x0000 0x0000000
2181538.294c: *000007feff6f0000-000007feff6f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
2191538.294c: 000007feff6f1000-000007fdfee31fff 0x0001/0x0000 0x0000000
2201538.294c: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
2211538.294c: 000007fffffd3000-000007fffffc8fff 0x0001/0x0000 0x0000000
2221538.294c: *000007fffffdd000-000007fffffdafff 0x0004/0x0004 0x0020000
2231538.294c: *000007fffffdf000-000007fffffddfff 0x0004/0x0004 0x0020000
2241538.294c: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
2251538.294c: apisetschema.dll: timestamp 0x568428c9 (rc=VINF_SUCCESS)
2261538.294c: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
2271538.294c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2281538.294c: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
2291538.294c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
2301538.294c: supR3HardNtChildPurify: Done after 551 ms and 0 fixes (loop #0).
2311538.294c: supR3HardNtEnableThreadCreation:
2321328.2e80: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
2331328.2e80: supR3HardenedVmProcessInit: uNtDllAddr=00000000773d0000
2341328.2e80: ntdll.dll: timestamp 0x568429e5 (rc=VINF_SUCCESS)
2351328.2e80: New simple heap: #1 00000000002b0000 LB 0x400000 (for 1740800 allocation)
2361328.2e80: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
2371328.2e80: System32: \Device\HarddiskVolume2\Windows\System32
2381328.2e80: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
2391328.2e80: KnownDllPath: C:\windows\system32
2401328.2e80: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2411328.2e80: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2421328.2e80: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2431328.2e80: Registered Dll notification callback with NTDLL.
2441328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
2451328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2461328.2e80: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2471328.2e80: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2481328.2e80: supR3HardenedDllNotificationCallback: load 00000000772b0000 LB 0x0011f000 C:\windows\system32\kernel32.dll [fFlags=0x0]
2491328.2e80: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2501328.2e80: supR3HardenedDllNotificationCallback: load 000007fefd3a0000 LB 0x0006c000 C:\windows\system32\KERNELBASE.dll [fFlags=0x0]
2511328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
2521328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2531328.2e80: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
2541328.2e80: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000773fb630 pvNtTerminateThread=000000007741dee0
2551538.294c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 24 ms.
2561328.2e80: \SystemRoot\System32\ntdll.dll:
2571328.2e80: CreationTime: 2016-01-25T07:07:40.694426300Z
2581328.2e80: LastWriteTime: 2015-12-30T19:05:33.659216000Z
2591328.2e80: ChangeTime: 2016-01-25T15:33:35.009572000Z
2601328.2e80: FileAttributes: 0x20
2611328.2e80: Size: 0x1a67c0
2621328.2e80: NT Headers: 0xe0
2631328.2e80: Timestamp: 0x568429e5
2641328.2e80: Machine: 0x8664 - amd64
2651328.2e80: Timestamp: 0x568429e5
2661328.2e80: Image Version: 6.1
2671328.2e80: SizeOfImage: 0x1a9000 (1740800)
2681328.2e80: Resource Dir: 0x14d000 LB 0x5a028
2691328.2e80: ProductName: Microsoft® Windows® Operating System
2701328.2e80: ProductVersion: 6.1.7601.19110
2711328.2e80: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2721328.2e80: FileDescription: NT Layer DLL
2731328.2e80: \SystemRoot\System32\kernel32.dll:
2741328.2e80: CreationTime: 2016-01-25T07:07:40.552355300Z
2751328.2e80: LastWriteTime: 2015-12-30T18:57:55.730000000Z
2761328.2e80: ChangeTime: 2016-01-25T15:33:35.430487800Z
2771328.2e80: FileAttributes: 0x20
2781328.2e80: Size: 0x11c000
2791328.2e80: NT Headers: 0xe8
2801328.2e80: Timestamp: 0x568429dc
2811328.2e80: Machine: 0x8664 - amd64
2821328.2e80: Timestamp: 0x568429dc
2831328.2e80: Image Version: 6.1
2841328.2e80: SizeOfImage: 0x11f000 (1175552)
2851328.2e80: Resource Dir: 0x116000 LB 0x528
2861328.2e80: ProductName: Microsoft® Windows® Operating System
2871328.2e80: ProductVersion: 6.1.7601.19110
2881328.2e80: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
2891328.2e80: FileDescription: Windows NT BASE API Client DLL
2901328.2e80: \SystemRoot\System32\KernelBase.dll:
2911328.2e80: CreationTime: 2016-01-25T07:07:41.914035800Z
2921328.2e80: LastWriteTime: 2015-12-30T18:57:55.761000000Z
2931328.2e80: ChangeTime: 2016-01-25T15:33:35.444485000Z
2941328.2e80: FileAttributes: 0x20
2951328.2e80: Size: 0x67a00
2961328.2e80: NT Headers: 0xe8
2971328.2e80: Timestamp: 0x568429dd
2981328.2e80: Machine: 0x8664 - amd64
2991328.2e80: Timestamp: 0x568429dd
3001328.2e80: Image Version: 6.1
3011328.2e80: SizeOfImage: 0x6c000 (442368)
3021328.2e80: Resource Dir: 0x6a000 LB 0x530
3031328.2e80: ProductName: Microsoft® Windows® Operating System
3041328.2e80: ProductVersion: 6.1.7601.19110
3051328.2e80: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
3061328.2e80: FileDescription: Windows NT BASE API Client DLL
3071328.2e80: \SystemRoot\System32\apisetschema.dll:
3081328.2e80: CreationTime: 2016-01-25T07:07:43.425791300Z
3091328.2e80: LastWriteTime: 2015-12-30T18:54:58.839000000Z
3101328.2e80: ChangeTime: 2016-01-25T15:33:34.910591800Z
3111328.2e80: FileAttributes: 0x20
3121328.2e80: Size: 0x1a00
3131328.2e80: NT Headers: 0xc0
3141328.2e80: Timestamp: 0x568428c9
3151328.2e80: Machine: 0x8664 - amd64
3161328.2e80: Timestamp: 0x568428c9
3171328.2e80: Image Version: 6.1
3181328.2e80: SizeOfImage: 0x50000 (327680)
3191328.2e80: Resource Dir: 0x30000 LB 0x3f8
3201328.2e80: ProductName: Microsoft® Windows® Operating System
3211328.2e80: ProductVersion: 6.1.7601.19110
3221328.2e80: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
3231328.2e80: FileDescription: ApiSet Schema DLL
3241328.2e80: Found driver mfewfpk (0x20)
3251328.2e80: Found driver mfehidk (0x20)
3261328.2e80: Found driver mfeavfk (0x20)
3271328.2e80: Found driver mfefirek (0x20)
3281328.2e80: supR3HardenedWinFindAdversaries: 0x20
3291328.2e80: \SystemRoot\System32\drivers\mfeapfk.sys:
3301328.2e80: CreationTime: 2015-04-28T19:25:19.881745800Z
3311328.2e80: LastWriteTime: 2015-07-20T11:05:21.075323300Z
3321328.2e80: ChangeTime: 2015-07-20T11:05:21.075323300Z
3331328.2e80: FileAttributes: 0x20
3341328.2e80: Size: 0x2f000
3351328.2e80: NT Headers: 0xf0
3361328.2e80: Timestamp: 0x54cbd0b9
3371328.2e80: Machine: 0x8664 - amd64
3381328.2e80: Timestamp: 0x54cbd0b9
3391328.2e80: Image Version: 0.0
3401328.2e80: SizeOfImage: 0x2cc80 (183424)
3411328.2e80: Resource Dir: 0x2c480 LB 0x340
3421328.2e80: ProductName: SYSCORE
3431328.2e80: FileVersion: SYSCORE.15.3.0.672
3441328.2e80: PrivateBuild: SYSCORE.15.3.0.672 F16
3451328.2e80: FileDescription: Access Protection Filter Driver
3461328.2e80: \SystemRoot\System32\drivers\mfeavfk.sys:
3471328.2e80: CreationTime: 2015-04-28T19:25:19.816288600Z
3481328.2e80: LastWriteTime: 2016-01-18T09:36:27.731375400Z
3491328.2e80: ChangeTime: 2016-01-18T09:36:43.469949100Z
3501328.2e80: FileAttributes: 0x20
3511328.2e80: Size: 0x54e98
3521328.2e80: NT Headers: 0xf8
3531328.2e80: Timestamp: 0x558ddc3c
3541328.2e80: Machine: 0x8664 - amd64
3551328.2e80: Timestamp: 0x558ddc3c
3561328.2e80: Image Version: 0.0
3571328.2e80: SizeOfImage: 0x50580 (329088)
3581328.2e80: Resource Dir: 0x4f700 LB 0x758
3591328.2e80: ProductName: SYSCORE
3601328.2e80: ProductVersion: 15.4.0.674
3611328.2e80: FileVersion: SYSCORE.15.4.0.674
3621328.2e80: PrivateBuild: SYSCORE.15.4.0.674 F15,F16,F19
3631328.2e80: FileDescription: Anti-Virus File System Filter Driver
3641328.2e80: \SystemRoot\System32\drivers\mfefirek.sys:
3651328.2e80: CreationTime: 2015-04-29T01:18:11.945728500Z
3661328.2e80: LastWriteTime: 2015-07-20T11:05:21.452361000Z
3671328.2e80: ChangeTime: 2015-07-20T11:05:21.452361000Z
3681328.2e80: FileAttributes: 0x20
3691328.2e80: Size: 0x827c8
3701328.2e80: NT Headers: 0xe8
3711328.2e80: Timestamp: 0x54cbd128
3721328.2e80: Machine: 0x8664 - amd64
3731328.2e80: Timestamp: 0x54cbd128
3741328.2e80: Image Version: 0.0
3751328.2e80: SizeOfImage: 0x7fc80 (523392)
3761328.2e80: Resource Dir: 0x7d280 LB 0x350
3771328.2e80: ProductName: SYSCORE
3781328.2e80: FileVersion: SYSCORE.15.3.0.672
3791328.2e80: PrivateBuild: SYSCORE.15.3.0.672 F17,F18
3801328.2e80: FileDescription: McAfee Core Firewall Engine Driver
3811328.2e80: \SystemRoot\System32\drivers\mfehidk.sys:
3821328.2e80: CreationTime: 2015-04-28T19:25:19.521731200Z
3831328.2e80: LastWriteTime: 2016-01-18T09:36:27.680370300Z
3841328.2e80: ChangeTime: 2016-01-18T09:36:27.680370300Z
3851328.2e80: FileAttributes: 0x20
3861328.2e80: Size: 0xd5d98
3871328.2e80: NT Headers: 0x108
3881328.2e80: Timestamp: 0x558ddbf8
3891328.2e80: Machine: 0x8664 - amd64
3901328.2e80: Timestamp: 0x558ddbf8
3911328.2e80: Image Version: 0.0
3921328.2e80: SizeOfImage: 0xd0880 (854144)
3931328.2e80: Resource Dir: 0xcd980 LB 0x758
3941328.2e80: ProductName: SYSCORE
3951328.2e80: ProductVersion: 15.4.0.674
3961328.2e80: FileVersion: SYSCORE.15.4.0.674
3971328.2e80: PrivateBuild: SYSCORE.15.4.0.674 F14,F15,F16,F18,F20
3981328.2e80: FileDescription: McAfee Link Driver
3991328.2e80: \SystemRoot\System32\drivers\mfewfpk.sys:
4001328.2e80: CreationTime: 2015-04-28T19:25:16.134321100Z
4011328.2e80: LastWriteTime: 2015-07-20T11:05:21.264342200Z
4021328.2e80: ChangeTime: 2015-07-20T11:05:21.264342200Z
4031328.2e80: FileAttributes: 0x20
4041328.2e80: Size: 0x55510
4051328.2e80: NT Headers: 0xf0
4061328.2e80: Timestamp: 0x54cbd080
4071328.2e80: Machine: 0x8664 - amd64
4081328.2e80: Timestamp: 0x54cbd080
4091328.2e80: Image Version: 0.0
4101328.2e80: SizeOfImage: 0x52e00 (339456)
4111328.2e80: Resource Dir: 0x52280 LB 0x348
4121328.2e80: ProductName: SYSCORE
4131328.2e80: FileVersion: SYSCORE.15.3.0.672
4141328.2e80: PrivateBuild: SYSCORE.15.3.0.672 F17,F18
4151328.2e80: FileDescription: Anti-Virus Mini-Firewall Driver
4161328.2e80: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
4171328.2e80: Calling main()
4181328.2e80: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4191328.2e80: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
4201328.2e80: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4211328.2e80: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4221328.2e80: SUPR3HardenedMain: Respawn #2
4231328.2e80: supR3HardNtEnableThreadCreation:
4241328.2e80: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4251328.2e80: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
4261328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
4271328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
4281328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4291328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4301328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
4311328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
4321328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4331328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4341328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
4351328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
4361328.2e80: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x1000 pwszSearchPath=0000000000000000:<flags> [calling]
4371328.2e80: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4381328.2e80: supR3HardenedDllNotificationCallback: load 000007fefe880000 LB 0x000db000 C:\windows\system32\ADVAPI32.DLL [fFlags=0x0]
4391328.2e80: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4401328.2e80: supR3HardenedDllNotificationCallback: load 000007feff200000 LB 0x0009f000 C:\windows\system32\msvcrt.dll [fFlags=0x0]
4411328.2e80: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4421328.2e80: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
4431328.2e80: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
4441328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
4451328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
4461328.2e80: supR3HardenedDllNotificationCallback: load 000007fefe5b0000 LB 0x0001f000 C:\windows\SYSTEM32\sechost.dll [fFlags=0x0]
4471328.2e80: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4481328.2e80: supR3HardenedDllNotificationCallback: load 000007fefe620000 LB 0x0012d000 C:\windows\system32\RPCRT4.dll [fFlags=0x0]
4491328.2e80: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4501328.2e80: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.DLL'
4511328.2e80: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
4521328.2e80: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
4531328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4541328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4551328.2e80: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4561328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4571328.2e80: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4581328.2e80: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4591328.2e80: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4601328.2e80: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4611328.2e80: supR3HardenedDllNotificationCallback: load 000007fefcf70000 LB 0x00057000 C:\windows\system32\apphelp.dll [fFlags=0x0]
4621328.2e80: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4631328.2e80: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf70000 'C:\windows\system32\apphelp.dll'
4641328.2e80: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000773fb630 pvNtTerminateThread=000000007741dee0
4651328.2e80: supR3HardenedWinDoReSpawn(2): New child 241c.2cd8 [kernel32].
4661328.2e80: supR3HardNtChildGatherData: PebBaseAddress=000007fffffd5000 cbPeb=0x380
4671328.2e80: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00000000773d0000 uNtDllChildAddr=00000000773d0000
4681328.2e80: supR3HardenedWinSetupChildInit: uLdrInitThunk=00000000773fb630
4691328.2e80: supR3HardenedWinSetupChildInit: Start child.
4701328.2e80: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
4711328.2e80: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 64 sleeps
4721328.2e80: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4731328.2e80: *0000000000000000-fffffffffffeffff 0x0001/0x0000 0x0000000
4741328.2e80: *0000000000010000-fffffffffffeffff 0x0004/0x0004 0x0020000
4751328.2e80: *0000000000030000-000000000002bfff 0x0002/0x0002 0x0040000
4761328.2e80: 0000000000034000-0000000000027fff 0x0001/0x0000 0x0000000
4771328.2e80: *0000000000040000-000000000003efff 0x0004/0x0004 0x0020000
4781328.2e80: 0000000000041000-0000000000031fff 0x0001/0x0000 0x0000000
4791328.2e80: *0000000000050000-000000000004efff 0x0004/0x0004 0x0020000
4801328.2e80: 0000000000051000-ffffffffffea1fff 0x0001/0x0000 0x0000000
4811328.2e80: *0000000000200000-0000000000103fff 0x0000/0x0004 0x0020000
4821328.2e80: 00000000002fc000-00000000002f8fff 0x0104/0x0004 0x0020000
4831328.2e80: 00000000002ff000-00000000002fdfff 0x0004/0x0004 0x0020000
4841328.2e80: 0000000000300000-ffffffff8922ffff 0x0001/0x0000 0x0000000
4851328.2e80: *00000000773d0000-00000000773d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4861328.2e80: 00000000773d1000-00000000774cefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4871328.2e80: 00000000774cf000-00000000774fdfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4881328.2e80: 00000000774fe000-0000000077505fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4891328.2e80: 0000000077506000-0000000077506fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4901328.2e80: 0000000077507000-0000000077509fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4911328.2e80: 000000007750a000-0000000077578fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
4921328.2e80: 0000000077579000-000000006fb11fff 0x0001/0x0000 0x0000000
4931328.2e80: *000000007efe0000-000000007dfdffff 0x0000/0x0002 0x0020000
4941328.2e80: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
4951328.2e80: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
4961328.2e80: 000000007fff0000-ffffffffc0d0ffff 0x0001/0x0000 0x0000000
4971328.2e80: *000000013f2d0000-000000013f2d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4981328.2e80: 000000013f2d1000-000000013f357fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
4991328.2e80: 000000013f358000-000000013f358fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5001328.2e80: 000000013f359000-000000013f3a3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5011328.2e80: 000000013f3a4000-000000013f3a4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5021328.2e80: 000000013f3a5000-000000013f3a5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5031328.2e80: 000000013f3a6000-000000013f3aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5041328.2e80: 000000013f3ab000-000000013f3abfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5051328.2e80: 000000013f3ac000-000000013f3acfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5061328.2e80: 000000013f3ad000-000000013f3b0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5071328.2e80: 000000013f3b1000-000000013f3fbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe
5081328.2e80: 000000013f3fc000-fffff8037f107fff 0x0001/0x0000 0x0000000
5091328.2e80: *000007feff6f0000-000007feff6f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
5101328.2e80: 000007feff6f1000-000007fdfee31fff 0x0001/0x0000 0x0000000
5111328.2e80: *000007fffffb0000-000007fffff8cfff 0x0002/0x0002 0x0040000
5121328.2e80: 000007fffffd3000-000007fffffd0fff 0x0001/0x0000 0x0000000
5131328.2e80: *000007fffffd5000-000007fffffd3fff 0x0004/0x0004 0x0020000
5141328.2e80: 000007fffffd6000-000007fffffcdfff 0x0001/0x0000 0x0000000
5151328.2e80: *000007fffffde000-000007fffffdbfff 0x0004/0x0004 0x0020000
5161328.2e80: *000007fffffe0000-000007fffffcffff 0x0001/0x0002 0x0020000
5171328.2e80: apisetschema.dll: timestamp 0x568428c9 (rc=VINF_SUCCESS)
5181328.2e80: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
5191328.2e80: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
5201328.2e80: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
5211328.2e80: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
5221328.2e80: supR3HardNtChildPurify: Done after 533 ms and 0 fixes (loop #0).
5231328.2e80: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002b0000 LB 0x400000)
524241c.2cd8: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db110
5251328.2e80: supR3HardNtEnableThreadCreation:
526241c.2cd8: supR3HardenedVmProcessInit: uNtDllAddr=00000000773d0000
527241c.2cd8: ntdll.dll: timestamp 0x568429e5 (rc=VINF_SUCCESS)
528241c.2cd8: New simple heap: #1 0000000000300000 LB 0x400000 (for 1740800 allocation)
529241c.2cd8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
530241c.2cd8: System32: \Device\HarddiskVolume2\Windows\System32
531241c.2cd8: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
532241c.2cd8: KnownDllPath: C:\windows\system32
533241c.2cd8: supR3HardenedVmProcessInit: Opening vboxdrv...
534241c.2cd8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
535241c.2cd8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
536241c.2cd8: Registered Dll notification callback with NTDLL.
537241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
538241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
539241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
540241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
541241c.2cd8: supR3HardenedDllNotificationCallback: load 00000000772b0000 LB 0x0011f000 C:\windows\system32\kernel32.dll [fFlags=0x0]
542241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
543241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd3a0000 LB 0x0006c000 C:\windows\system32\KERNELBASE.dll [fFlags=0x0]
544241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
545241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
546241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
547241c.2cd8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000773fb630 pvNtTerminateThread=000000007741dee0
5481328.2e80: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 32 ms.
549241c.2cd8: \SystemRoot\System32\ntdll.dll:
550241c.2cd8: CreationTime: 2016-01-25T07:07:40.694426300Z
551241c.2cd8: LastWriteTime: 2015-12-30T19:05:33.659216000Z
552241c.2cd8: ChangeTime: 2016-01-25T15:33:35.009572000Z
553241c.2cd8: FileAttributes: 0x20
554241c.2cd8: Size: 0x1a67c0
555241c.2cd8: NT Headers: 0xe0
556241c.2cd8: Timestamp: 0x568429e5
557241c.2cd8: Machine: 0x8664 - amd64
558241c.2cd8: Timestamp: 0x568429e5
559241c.2cd8: Image Version: 6.1
560241c.2cd8: SizeOfImage: 0x1a9000 (1740800)
561241c.2cd8: Resource Dir: 0x14d000 LB 0x5a028
562241c.2cd8: ProductName: Microsoft® Windows® Operating System
563241c.2cd8: ProductVersion: 6.1.7601.19110
564241c.2cd8: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
565241c.2cd8: FileDescription: NT Layer DLL
566241c.2cd8: \SystemRoot\System32\kernel32.dll:
567241c.2cd8: CreationTime: 2016-01-25T07:07:40.552355300Z
568241c.2cd8: LastWriteTime: 2015-12-30T18:57:55.730000000Z
569241c.2cd8: ChangeTime: 2016-01-25T15:33:35.430487800Z
570241c.2cd8: FileAttributes: 0x20
571241c.2cd8: Size: 0x11c000
572241c.2cd8: NT Headers: 0xe8
573241c.2cd8: Timestamp: 0x568429dc
574241c.2cd8: Machine: 0x8664 - amd64
575241c.2cd8: Timestamp: 0x568429dc
576241c.2cd8: Image Version: 6.1
577241c.2cd8: SizeOfImage: 0x11f000 (1175552)
578241c.2cd8: Resource Dir: 0x116000 LB 0x528
579241c.2cd8: ProductName: Microsoft® Windows® Operating System
580241c.2cd8: ProductVersion: 6.1.7601.19110
581241c.2cd8: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
582241c.2cd8: FileDescription: Windows NT BASE API Client DLL
583241c.2cd8: \SystemRoot\System32\KernelBase.dll:
584241c.2cd8: CreationTime: 2016-01-25T07:07:41.914035800Z
585241c.2cd8: LastWriteTime: 2015-12-30T18:57:55.761000000Z
586241c.2cd8: ChangeTime: 2016-01-25T15:33:35.444485000Z
587241c.2cd8: FileAttributes: 0x20
588241c.2cd8: Size: 0x67a00
589241c.2cd8: NT Headers: 0xe8
590241c.2cd8: Timestamp: 0x568429dd
591241c.2cd8: Machine: 0x8664 - amd64
592241c.2cd8: Timestamp: 0x568429dd
593241c.2cd8: Image Version: 6.1
594241c.2cd8: SizeOfImage: 0x6c000 (442368)
595241c.2cd8: Resource Dir: 0x6a000 LB 0x530
596241c.2cd8: ProductName: Microsoft® Windows® Operating System
597241c.2cd8: ProductVersion: 6.1.7601.19110
598241c.2cd8: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
599241c.2cd8: FileDescription: Windows NT BASE API Client DLL
600241c.2cd8: \SystemRoot\System32\apisetschema.dll:
601241c.2cd8: CreationTime: 2016-01-25T07:07:43.425791300Z
602241c.2cd8: LastWriteTime: 2015-12-30T18:54:58.839000000Z
603241c.2cd8: ChangeTime: 2016-01-25T15:33:34.910591800Z
604241c.2cd8: FileAttributes: 0x20
605241c.2cd8: Size: 0x1a00
606241c.2cd8: NT Headers: 0xc0
607241c.2cd8: Timestamp: 0x568428c9
608241c.2cd8: Machine: 0x8664 - amd64
609241c.2cd8: Timestamp: 0x568428c9
610241c.2cd8: Image Version: 6.1
611241c.2cd8: SizeOfImage: 0x50000 (327680)
612241c.2cd8: Resource Dir: 0x30000 LB 0x3f8
613241c.2cd8: ProductName: Microsoft® Windows® Operating System
614241c.2cd8: ProductVersion: 6.1.7601.19110
615241c.2cd8: FileVersion: 6.1.7601.19110 (win7sp1_gdr.151230-0600)
616241c.2cd8: FileDescription: ApiSet Schema DLL
617241c.2cd8: Found driver mfewfpk (0x20)
618241c.2cd8: Found driver mfehidk (0x20)
619241c.2cd8: Found driver mfeavfk (0x20)
620241c.2cd8: Found driver mfefirek (0x20)
621241c.2cd8: supR3HardenedWinFindAdversaries: 0x20
622241c.2cd8: \SystemRoot\System32\drivers\mfeapfk.sys:
623241c.2cd8: CreationTime: 2015-04-28T19:25:19.881745800Z
624241c.2cd8: LastWriteTime: 2015-07-20T11:05:21.075323300Z
625241c.2cd8: ChangeTime: 2015-07-20T11:05:21.075323300Z
626241c.2cd8: FileAttributes: 0x20
627241c.2cd8: Size: 0x2f000
628241c.2cd8: NT Headers: 0xf0
629241c.2cd8: Timestamp: 0x54cbd0b9
630241c.2cd8: Machine: 0x8664 - amd64
631241c.2cd8: Timestamp: 0x54cbd0b9
632241c.2cd8: Image Version: 0.0
633241c.2cd8: SizeOfImage: 0x2cc80 (183424)
634241c.2cd8: Resource Dir: 0x2c480 LB 0x340
635241c.2cd8: ProductName: SYSCORE
636241c.2cd8: FileVersion: SYSCORE.15.3.0.672
637241c.2cd8: PrivateBuild: SYSCORE.15.3.0.672 F16
638241c.2cd8: FileDescription: Access Protection Filter Driver
639241c.2cd8: \SystemRoot\System32\drivers\mfeavfk.sys:
640241c.2cd8: CreationTime: 2015-04-28T19:25:19.816288600Z
641241c.2cd8: LastWriteTime: 2016-01-18T09:36:27.731375400Z
642241c.2cd8: ChangeTime: 2016-01-18T09:36:43.469949100Z
643241c.2cd8: FileAttributes: 0x20
644241c.2cd8: Size: 0x54e98
645241c.2cd8: NT Headers: 0xf8
646241c.2cd8: Timestamp: 0x558ddc3c
647241c.2cd8: Machine: 0x8664 - amd64
648241c.2cd8: Timestamp: 0x558ddc3c
649241c.2cd8: Image Version: 0.0
650241c.2cd8: SizeOfImage: 0x50580 (329088)
651241c.2cd8: Resource Dir: 0x4f700 LB 0x758
652241c.2cd8: ProductName: SYSCORE
653241c.2cd8: ProductVersion: 15.4.0.674
654241c.2cd8: FileVersion: SYSCORE.15.4.0.674
655241c.2cd8: PrivateBuild: SYSCORE.15.4.0.674 F15,F16,F19
656241c.2cd8: FileDescription: Anti-Virus File System Filter Driver
657241c.2cd8: \SystemRoot\System32\drivers\mfefirek.sys:
658241c.2cd8: CreationTime: 2015-04-29T01:18:11.945728500Z
659241c.2cd8: LastWriteTime: 2015-07-20T11:05:21.452361000Z
660241c.2cd8: ChangeTime: 2015-07-20T11:05:21.452361000Z
661241c.2cd8: FileAttributes: 0x20
662241c.2cd8: Size: 0x827c8
663241c.2cd8: NT Headers: 0xe8
664241c.2cd8: Timestamp: 0x54cbd128
665241c.2cd8: Machine: 0x8664 - amd64
666241c.2cd8: Timestamp: 0x54cbd128
667241c.2cd8: Image Version: 0.0
668241c.2cd8: SizeOfImage: 0x7fc80 (523392)
669241c.2cd8: Resource Dir: 0x7d280 LB 0x350
670241c.2cd8: ProductName: SYSCORE
671241c.2cd8: FileVersion: SYSCORE.15.3.0.672
672241c.2cd8: PrivateBuild: SYSCORE.15.3.0.672 F17,F18
673241c.2cd8: FileDescription: McAfee Core Firewall Engine Driver
674241c.2cd8: \SystemRoot\System32\drivers\mfehidk.sys:
675241c.2cd8: CreationTime: 2015-04-28T19:25:19.521731200Z
676241c.2cd8: LastWriteTime: 2016-01-18T09:36:27.680370300Z
677241c.2cd8: ChangeTime: 2016-01-18T09:36:27.680370300Z
678241c.2cd8: FileAttributes: 0x20
679241c.2cd8: Size: 0xd5d98
680241c.2cd8: NT Headers: 0x108
681241c.2cd8: Timestamp: 0x558ddbf8
682241c.2cd8: Machine: 0x8664 - amd64
683241c.2cd8: Timestamp: 0x558ddbf8
684241c.2cd8: Image Version: 0.0
685241c.2cd8: SizeOfImage: 0xd0880 (854144)
686241c.2cd8: Resource Dir: 0xcd980 LB 0x758
687241c.2cd8: ProductName: SYSCORE
688241c.2cd8: ProductVersion: 15.4.0.674
689241c.2cd8: FileVersion: SYSCORE.15.4.0.674
690241c.2cd8: PrivateBuild: SYSCORE.15.4.0.674 F14,F15,F16,F18,F20
691241c.2cd8: FileDescription: McAfee Link Driver
692241c.2cd8: \SystemRoot\System32\drivers\mfewfpk.sys:
693241c.2cd8: CreationTime: 2015-04-28T19:25:16.134321100Z
694241c.2cd8: LastWriteTime: 2015-07-20T11:05:21.264342200Z
695241c.2cd8: ChangeTime: 2015-07-20T11:05:21.264342200Z
696241c.2cd8: FileAttributes: 0x20
697241c.2cd8: Size: 0x55510
698241c.2cd8: NT Headers: 0xf0
699241c.2cd8: Timestamp: 0x54cbd080
700241c.2cd8: Machine: 0x8664 - amd64
701241c.2cd8: Timestamp: 0x54cbd080
702241c.2cd8: Image Version: 0.0
703241c.2cd8: SizeOfImage: 0x52e00 (339456)
704241c.2cd8: Resource Dir: 0x52280 LB 0x348
705241c.2cd8: ProductName: SYSCORE
706241c.2cd8: FileVersion: SYSCORE.15.3.0.672
707241c.2cd8: PrivateBuild: SYSCORE.15.3.0.672 F17,F18
708241c.2cd8: FileDescription: Anti-Virus Mini-Firewall Driver
709241c.2cd8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
710241c.2cd8: Calling main()
711241c.2cd8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
712241c.2cd8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
713241c.2cd8: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
714241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.exe)
715241c.2cd8: SUPR3HardenedMain: Final process, opening VBoxDrv...
716241c.2cd8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000300000 LB 0x400000)
717241c.2cd8: supR3HardNtEnableThreadCreation:
718241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
719241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
720241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854300:C:\windows\system32 [calling]
721241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
722241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef4510000 LB 0x00005000 c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
723241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
724241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
725241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
726241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4510000 'c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
727241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
728241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
729241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4510000 'c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
730241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef4510000 'c:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
731241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
732241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
733241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
734241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
735241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
736241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
737241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
738241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
739241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
740241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
741241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
742241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
743241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
744241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
745241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
746241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
747241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
748241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
749241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
750241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
751241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
752241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
753241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
754241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
755241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
756241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
757241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
758241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
759241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
760241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
761241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854300:C:\windows\system32 [calling]
762241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
763241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd360000 LB 0x0003b000 C:\windows\system32\Wintrust.dll [fFlags=0x0]
764241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
765241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feff200000 LB 0x0009f000 C:\windows\system32\msvcrt.dll [fFlags=0x0]
766241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
767241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd190000 LB 0x0016d000 C:\windows\system32\CRYPT32.dll [fFlags=0x0]
768241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
769241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd170000 LB 0x0000f000 C:\windows\system32\MSASN1.dll [fFlags=0x0]
770241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
771241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe620000 LB 0x0012d000 C:\windows\system32\RPCRT4.dll [fFlags=0x0]
772241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
773241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\windows\system32\Wintrust.dll'
774241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
775241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
776241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008997c0:C:\windows\system32 [calling]
777241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
778241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefcb20000 LB 0x00022000 C:\windows\system32\bcrypt.dll [fFlags=0x0]
779241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
780241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb20000 'C:\windows\system32\bcrypt.dll'
781241c.2cd8: bcrypt.dll loaded at 000007fefcb20000, BCryptOpenAlgorithmProvider at 000007fefcb22640, preloading providers:
782241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
783241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
784241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
785241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
786241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
787241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
788241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
789241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
790241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
791241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
792241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
793241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
794241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
795241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
796241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
797241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
798241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
799241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
800241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
801241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
802241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
803241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefc5a0000 LB 0x0004c000 C:\windows\system32\bcryptprimitives.dll [fFlags=0x0]
804241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
805241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe880000 LB 0x000db000 C:\windows\system32\ADVAPI32.dll [fFlags=0x0]
806241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
807241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
808241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
809241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
810241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
811241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe5b0000 LB 0x0001f000 C:\windows\SYSTEM32\sechost.dll [fFlags=0x0]
812241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
813241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5a0000 'C:\windows\system32\bcryptprimitives.dll'
814241c.2cd8: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000089aea0)
815241c.2cd8: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000089dd60)
816241c.2cd8: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000089de80)
817241c.2cd8: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000089e090)
818241c.2cd8: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000089e1b0)
819241c.2cd8: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000089e2d0)
820241c.2cd8: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000089e510)
821241c.2cd8: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000089e630)
822241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
823241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
824241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
825241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
826241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
827241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
828241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
829241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
830241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
831241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
832241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefcb60000 LB 0x00018000 C:\windows\system32\CRYPTSP.dll [fFlags=0x0]
833241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
834241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb60000 'C:\windows\system32\CRYPTSP.dll'
835241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
836241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
837241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
838241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
839241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
840241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
841241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
842241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
843241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefc520000 LB 0x00047000 C:\windows\system32\rsaenh.dll [fFlags=0x0]
844241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
845241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc520000 'C:\windows\system32\rsaenh.dll'
846241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
847241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
848241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.dll'
849241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
850241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
851241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
852241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
853241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd010000 LB 0x0000f000 C:\windows\system32\CRYPTBASE.dll [fFlags=0x0]
854241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
855241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd010000 'C:\windows\system32\CRYPTBASE.dll'
856241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
857241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
858241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
859241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
860241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
861241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\windows\system32\WINTRUST.DLL'
862241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
863241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
864241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd190000 'C:\windows\system32\CRYPT32.dll'
865241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
866241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'advapi32.dll'.
867241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
868241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
869241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
870241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
871241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
872241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
873241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
874241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
875241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
876241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
877241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd530000 LB 0x00019000 C:\windows\system32\imagehlp.dll [fFlags=0x0]
878241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
879241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd530000 'C:\windows\system32\imagehlp.dll'
880241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
881241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
882241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb60000 'C:\windows\system32\CRYPTSP.dll'
883241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
884241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
885241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
886241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
887241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
888241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
889241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
890241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
891241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
892241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
893241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
894241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
895241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
896241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
897241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
898241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
899241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
900241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
901241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
902241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
903241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
904241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
905241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
906241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
907241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
908241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
909241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
910241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
911241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
912241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
913241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
914241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
915241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
916241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
917241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
918241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
919241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
920241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
921241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
922241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
923241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
924241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
925241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
926241c.2cd8: supR3HardenedDllNotificationCallback: load 00000000771b0000 LB 0x000fa000 C:\windows\system32\USER32.dll [fFlags=0x0]
927241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
928241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefef20000 LB 0x00067000 C:\windows\system32\GDI32.dll [fFlags=0x0]
929241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
930241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe9f0000 LB 0x0000e000 C:\windows\system32\LPK.dll [fFlags=0x0]
931241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
932241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feff430000 LB 0x000ca000 C:\windows\system32\USP10.dll [fFlags=0x0]
933241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
934241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
935241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
936241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef20000 'C:\windows\system32\gdi32.dll'
937241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
938241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
939241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
940241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
941241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
942241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
943241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
944241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
945241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
946241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
947241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
948241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
949241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
950241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
951241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
952241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
953241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
954241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
955241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
956241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
957241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
958241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
959241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
960241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
961241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
962241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
963241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
964241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
965241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
966241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
967241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
968241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
969241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
970241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe9c0000 LB 0x0002e000 C:\windows\system32\IMM32.DLL [fFlags=0x0]
971241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
972241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feff320000 LB 0x00109000 C:\windows\system32\MSCTF.dll [fFlags=0x0]
973241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
974241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9c0000 'C:\windows\system32\IMM32.DLL'
975241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000771b0000 'C:\windows\system32\USER32.dll'
976241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
977241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
978241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
979241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
980241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
981241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
982241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
983241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
984241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
985241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
986241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
987241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
988241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
989241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
990241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
991241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
992241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefca90000 LB 0x00050000 C:\windows\system32\ncrypt.dll [fFlags=0x0]
993241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
994241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefca90000 'C:\windows\system32\ncrypt.dll'
995241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
996241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
997241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb20000 'C:\windows\system32\bcrypt.dll'
998241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
999241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1000241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
1001241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
1002241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
1003241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1004241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1005241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1006241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
1007241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
1008241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1009241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1010241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1011241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1012241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1013241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1014241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1015241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1016241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1017241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1018241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1019241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd4b0000 LB 0x0001e000 C:\windows\system32\USERENV.dll [fFlags=0x0]
1020241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
1021241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd180000 LB 0x0000f000 C:\windows\system32\profapi.dll [fFlags=0x0]
1022241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1023241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4b0000 'C:\windows\system32\USERENV.dll'
1024241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1025241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1026241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1027241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1028241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1029241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1030241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
1031241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
1032241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1033241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1034241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1035241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1036241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1037241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1038241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1039241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1040241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefc110000 LB 0x0001b000 C:\windows\system32\GPAPI.dll [fFlags=0x0]
1041241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1042241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc110000 'C:\windows\system32\GPAPI.dll'
1043241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1044241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1045241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1046241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1047241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe620000 'C:\windows\system32\rpcrt4.dll'
1048241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1049241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-WIN-Service-Management-L2-1-0.dll'
1050241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1051241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1052241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1053241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
1054241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
1055241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
1056241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
1057241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1058241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
1059241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
1060241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1061241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
1062241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1063241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1064241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1065241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1066241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1067241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1068241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1069241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1070241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1071241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1072241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1073241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1074241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1075241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1076241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1077241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef7e50000 LB 0x00027000 C:\windows\system32\cryptnet.dll [fFlags=0x0]
1078241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1079241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe960000 LB 0x00052000 C:\windows\system32\WLDAP32.dll [fFlags=0x0]
1080241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
1081241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1082241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1083241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1084241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1085241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1086241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1087241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1088241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1089241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1090241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1091241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1092241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1093241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1094241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1095241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1096241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1097241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1098241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1099241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1100241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1101241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1102241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1103241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1104241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1105241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1106241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1107241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1108241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1109241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1110241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1111241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7e50000 'C:\windows\system32\cryptnet.dll'
1112241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1113241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1114241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1115241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1116241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\windows\system32\profapi.dll'
1117241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1118241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1119241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1120241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
1121241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1122241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1123241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1124241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1125241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1126241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1127241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1128241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1129241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1130241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1131241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1132241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1133241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feff2a0000 LB 0x00071000 C:\windows\system32\SHLWAPI.dll [fFlags=0x0]
1134241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1135241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2a0000 'C:\windows\system32\SHLWAPI.dll'
1136241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1137241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000002c315f0
1138241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1139241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=99113493CCEA6CE03AD58304FCE46D35B665BC85
1140241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1141241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
1142241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1143241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-WIN-Service-Management-L1-1-0.dll'
1144241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1145241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
1146241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1147241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1148241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.dll'
1149241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1150241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1151241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1152241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
1153241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\SystemRoot\System32\ntdll.dll'
1154241c.2cd8: g_pfnWinVerifyTrust=000007fefd361010
1155241c.2cd8: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1156241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e0 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
1157241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1158241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1159241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B757256DD06374F77FF8DC61E1FEC0E93F3DF2F3
1160241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_192_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1161241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1162241c.2cd8: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1163241c.2cd8: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1164241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d4 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
1165241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1166241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1167241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9D66460DAFA96F2CF96829A002753DECB7ED7CF
1168241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1169241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1170241c.2cd8: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1171241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1172241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1173241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1174241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
1175241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1176241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1177241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
1178241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
1179241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1180241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1181241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
1182241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1183241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1184241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
1185241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000037c pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1186241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1187241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1188241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2545617940C2A353D1E2B307B3C55DF27B1EEBE9
1189241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1190241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1191241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1192241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000258 pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
1193241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1194241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1195241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
1196241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1197241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1198241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1199241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c4 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
1200241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1201241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1202241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
1203241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1204241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1205241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1206241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001c0 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
1207241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1208241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1209241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
1210241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1211241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1212241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
1213241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001ac pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
1214241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1215241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1216241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AF6214D5B4EE4D004FA11B4426B0E781D4E918A9
1217241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1218241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1219241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
1220241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000194 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
1221241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1222241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1223241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03916BC73EE5A0E312E3D3100D0ACE1B78E93BB1
1224241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3033889~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1225241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1226241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
1227241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
1228241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1229241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1230241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
1231241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1232241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1233241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
1234241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000018c pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
1235241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1236241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1237241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=31498ABFB06219E83141E0AA8B2A55C4CECFD033
1238241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3108670~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1239241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1240241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
1241241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000188 pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
1242241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1243241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1244241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FDBA63132AE4F561C5CFC5478222E40A2DAA2ACC
1245241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1246241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1247241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
1248241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000184 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
1249241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1250241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1251241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E200CE23C0ADD95195EBA5616D50363CEA00DB25
1252241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3124001~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1253241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1254241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
1255241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000180 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
1256241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1257241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1258241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=94AFB7B548C6C2376C6AEE4ECE2FA09C90F5FD4B
1259241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB3109094~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\user32.dll'
1260241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1261241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
1262241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000017c pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1263241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1264241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1265241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2702EE05F1B717B0F2CE0FBE32784A47B8419DCA
1266241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB2893294~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1267241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1268241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1269241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000130 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1270241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1271241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1272241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C369CA0A282E9201E8C3399DEF1010F6DC0676FA
1273241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1274241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1275241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1276241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
1277241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000012c pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1278241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1279241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1280241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
1281241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1282241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1283241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1284241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000120 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
1285241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1286241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1287241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
1288241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1289241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1290241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1291241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000011c pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
1292241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1293241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1294241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6964F437558F504725B2BE66A35240231044644F
1295241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3121918~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1296241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1297241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1298241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
1299241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1300241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1301241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1302241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
1303241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1304241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1305241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1306241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e4 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1307241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1308241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1309241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2CA2FD632B264C063162F71474266E3615B6420C
1310241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1311241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1312241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1313241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000dc pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
1314241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1315241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1316241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
1317241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1318241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1319241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1320241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000d8 pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1321241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1322241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1323241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DA2C80E31A4EEBFA49ACC284D4C1B701145978CB
1324241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1325241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1326241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1327241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1328241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
1329241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1330241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1331241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=345936918DE59E26BE1BF613500ED5E48C26873F
1332241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1333241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1334241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1335241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
1336241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1337241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1338241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C5B3709F99BA1F5F78D42BD62B72E557388B5AE0
1339241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB3121212~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1340241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1341241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1342241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1343241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c30ac0:C:\windows\system32 [calling]
1344241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd190000 'C:\windows\system32\crypt32.dll'
1345241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xa69e981b015beb00 DC=tss, DC=t-systems, DC=uns, CN=ITSHRootCA
1346241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1347241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1348241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1349241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1350241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xf444417a00c9bdd C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 1
1351241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1352241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1353241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1354241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xb313c6bdc162cf00 C=HU, O=INOFRMATIKHU, CN=Informatik strongSwan Root CA
1355241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1356241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1357241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1358241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1359241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1360241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1361241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1362241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1363241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1364241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1365241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1366241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1367241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1368241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1369241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1370241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1371241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1372241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1373241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1374241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1375241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
1376241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1377241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1378241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1379241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1380241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1381241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1382241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x67a526528cfbe400 C=AT, O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH, OU=A-Trust-Root-05, CN=A-Trust-Root-05
1383241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1384241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x6d4bbe735e24c400 C=HU, L=Budapest, O=NetLock Kft., OU=Tanúsítványkiadók (Certification Services), CN=NetLock Arany (Class Gold) Főtanúsítvány
1385241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1386241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
1387241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1388241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0xf444417a00c9bdd C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 1
1389241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x83170d84e89db800 DC=de, DC=ads-telekom, CN=ADSRootCA
1390241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x1cb393680f2db100 DC=de, DC=ads-telekom, CN=ADSRootCA
1391241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1392241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1393241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x83170d84e89db800 DC=de, DC=ads-telekom, CN=ADSRootCA
1394241c.2cd8: supR3HardenedWinIsDesiredRootCA: Adding 0x96bf79049555ab00 C=DE, O=Deutsche Telekom AG, OU=Trust Center, CN=Deutsche Telekom Internal Root CA 1
1395241c.2cd8: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=50
1396241c.2cd8: SUPR3HardenedMain: Load Runtime...
1397241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1398241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1399241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1400241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1401241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1402241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1403241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1404241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1405241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1406241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1407241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1408241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000424 pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1409241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1410241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1411241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
1412241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
1413241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1414241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1415241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
1416241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
1417241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
1418241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1419241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1420241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1421241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1422241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1423241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1424241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1425241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1426241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1427241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1428241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1429241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1430241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1431241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1432241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1433241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000410 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
1434241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1435241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1436241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
1437241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
1438241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1439241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) WinVerifyTrust
1440241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
1441241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1442241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1443241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1444241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1445241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1446241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1447241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
1448241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1449241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fed9f10000 LB 0x00562000 c:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1450241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1451241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1452241c.2cd8: supR3HardenedDllNotificationCallback: load 0000000079070000 LB 0x000d2000 c:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1453241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1454241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1455241c.2cd8: supR3HardenedDllNotificationCallback: load 0000000078e80000 LB 0x00098000 c:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1456241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1457241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe5d0000 LB 0x0004d000 C:\windows\system32\WS2_32.dll [fFlags=0x0]
1458241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1459241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe7f0000 LB 0x00008000 C:\windows\system32\NSI.dll [fFlags=0x0]
1460241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
1461241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1462241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1463241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1464241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1465241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1466241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1467241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1468241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1469241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1470241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1471241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1472241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1473241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1474241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1475241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1476241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1477241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1478241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1479241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1480241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1481241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1482241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1483241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1484241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1485241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1486241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1487241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1488241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1489241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1490241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1491241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1492241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1493241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1494241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1495241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1496241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1497241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1498241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1499241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1500241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1501241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1502241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1503241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1504241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1505241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000854a70:c:\Program Files\Oracle\VirtualBox;C:\windows\system32;C:\windows\system;C:\windows;.;C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\JSONBuddy;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ [calling]
1506241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1507241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1508241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1509241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed9f10000 'c:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1510241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1511241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c52550:C:\windows\system32 [calling]
1512241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd360000 'C:\windows\system32\Wintrust.dll'
1513241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1514241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c52550:C:\windows\system32 [calling]
1515241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd190000 'C:\windows\system32\crypt32.dll'
1516241c.2cd8: SUPR3HardenedMain: Load TrustedMain...
1517241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1518241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1519241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1520241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1521241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1522241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
1523241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtopenglvbox4.dll'.
1524241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1525241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1526241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
1527241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'shell32.dll'.
1528241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
1529241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
1530241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'comdlg32.dll'.
1531241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
1532241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
1533241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1534241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1535241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1536241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
1537241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1538241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1539241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
1540241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
1541241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1542241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1543241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1544241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
1545241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1546241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1547241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1548241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000460 pwszName=\Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1549241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1550241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1551241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=66EE5BDFFA413AEA9E1FE7838A08646E94136DA5
1552241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\comdlg32.dll'
1553241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1554241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1555241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1556241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1557241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1558241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1559241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1560241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comdlg32.dll) WinVerifyTrust
1561241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1562241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1563241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1564241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1565241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1566241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1567241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=59C9A3379D97CB80EFB9D9152AF4E0240DDF8B29
1568241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3006226~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
1569241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1570241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1571241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1572241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1573241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1574241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
1575241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
1576241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1577241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1578241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1579241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000048c pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
1580241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1581241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1582241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E93C1851E5754D607F55581B4DE2A30B711C830
1583241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB3072633~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
1584241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1585241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1586241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1587241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1588241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1589241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
1590241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
1591241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1592241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1593241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000488 pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
1594241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1595241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1596241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB4A0D952E568C1E85DCE662F9A066FFB2E6CE84
1597241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3080446~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
1598241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1599241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1600241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
1601241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1602241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1603241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) WinVerifyTrust
1604241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1605241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1606241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1607241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1608241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1609241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1610241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1611241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1612241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1613241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1614241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1615241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1616241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1617241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1618241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
1619241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1620241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1621241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
1622241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1623241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1624241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1625241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1626241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1627241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1628241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1629241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1630241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1631241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1632241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1633241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1634241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1635241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1636241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1637241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1638241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll) WinVerifyTrust
1639241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1640241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1641241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1642241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1643241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1644241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1645241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
1646241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1647241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1648241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll) WinVerifyTrust
1649241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1650241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1651241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1652241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1653241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1654241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1655241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1656241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1657241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1658241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1659241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1660241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004c8 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1661241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1662241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1663241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
1664241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1665241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1666241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1667241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1668241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1669241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1670241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1671241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1672241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) WinVerifyTrust
1673241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1674241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1675241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1676241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1677241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1678241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
1679241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1680241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1681241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
1682241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
1683241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1684241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1685241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1686241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
1687241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1688241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
1689241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
1690241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) WinVerifyTrust
1691241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1692241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1693241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1694241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004bc pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
1695241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1696241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1697241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
1698241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
1699241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1700241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1701241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1702241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1703241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) WinVerifyTrust
1704241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1705241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1706241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1707241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1708241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1709241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1710241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1711241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1712241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1713241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1714241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1715241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1716241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1717241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1718241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1719241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1720241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1721241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1722241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1723241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1724241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1725241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1726241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1727241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1728241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1729241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1730241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1731241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1732241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1733241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1734241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1735241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1736241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1737241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1738241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1739241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1740241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1741241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1742241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1743241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1744241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1745241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1746241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1747241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1748241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1749241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume2\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1750241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume2\Windows\System32\winspool.drv
1751241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1752241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1753241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C89A2ED7B99A056D78CA6BAC9CCAB8B1FF119A14
1754241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\winspool.drv'
1755241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1756241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1757241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1758241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1759241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winspool.drv) WinVerifyTrust
1760241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winspool.drv
1761241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1762241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1763241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1764241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1765241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1766241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
1767241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1768241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1769241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1770241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1771241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1772241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
1773241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1774241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1775241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1776241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1777241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1778241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1779241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1780241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1781241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1782241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1783241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1784241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1785241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1786241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1787241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1788241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1789241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1790241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1791241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1792241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1793241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1794241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1795241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1796241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1797241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1798241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1799241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1800241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1801241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1802241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1803241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1804241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1805241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1806241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1807241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1808241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1809241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1810241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1811241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1812241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
1813241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1814241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1815241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1816241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1817241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1818241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1819241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1820241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1821241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1822241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
1823241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1824241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1825241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004dc pwszName=\Device\HarddiskVolume2\Windows\System32\comctl32.dll
1826241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1827241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1828241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
1829241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\System32\comctl32.dll'
1830241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1831241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1832241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1833241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1834241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\comctl32.dll) WinVerifyTrust
1835241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\comctl32.dll
1836241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1837241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1838241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1839241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1840241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1841241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1842241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1843241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1844241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1845241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1846241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1847241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1848241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1849241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1850241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1851241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1852241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1853241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1854241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1855241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1856241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1857241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1858241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1859241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1860241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1861241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1862241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1863241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1864241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1865241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1866241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1867241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1868241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1869241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
1870241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
1871241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a4 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1872241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1873241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1874241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
1875241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
1876241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1877241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1878241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1879241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1880241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) WinVerifyTrust
1881241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
1882241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
1883241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
1884241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e4 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
1885241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1886241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1887241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
1888241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
1889241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1890241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
1891241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
1892241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
1893241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1894241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
1895241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1896241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
1897241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll) WinVerifyTrust
1898241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1899241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1900241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1901241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1902241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1903241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d4 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
1904241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1905241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1906241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=779E327CA47BE9830D08A18EEDE8A70C3A978A3B
1907241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3087039~31bf3856ad364e35~amd64~~6.1.1.4.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
1908241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1909241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1910241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1911241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1912241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) WinVerifyTrust
1913241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1914241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1915241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1916241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1917241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1918241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1919241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1920241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1921241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1922241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1923241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1924241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1925241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
1926241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f0 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
1927241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1928241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1929241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
1930241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
1931241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1932241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1933241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
1934241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) WinVerifyTrust
1935241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
1936241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1937241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1938241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1939241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1940241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1941241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1942241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1943241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1944241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1945241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1946241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1947241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1948241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1949241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1950241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
1951241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
1952241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
1953241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
1954241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1955241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1956241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
1957241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1958241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) WinVerifyTrust
1959241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1960241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1961241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1962241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1963241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1964241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1965241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1966241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1967241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1968241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1969241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1970241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1971241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1972241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1973241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1974241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1975241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1976241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1977241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
1978241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1979241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fed8dc0000 LB 0x00abe000 c:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
1980241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBox.dll
1981241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1982241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feec1b0000 LB 0x0011d000 C:\windows\system32\OPENGL32.dll [fFlags=0x0]
1983241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1984241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1985241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feec8f0000 LB 0x0002d000 C:\windows\system32\GLU32.dll [fFlags=0x0]
1986241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
1987241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1988241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feec0b0000 LB 0x000f1000 C:\windows\system32\DDRAW.dll [fFlags=0x0]
1989241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
1990241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1991241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef6a90000 LB 0x00008000 C:\windows\system32\DCIMAN32.dll [fFlags=0x0]
1992241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
1993241c.2cd8: supR3HardenedDllNotificationCallback: load 000007feff500000 LB 0x001d7000 C:\windows\system32\SETUPAPI.dll [fFlags=0x0]
1994241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
1995241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd320000 LB 0x00036000 C:\windows\system32\CFGMGR32.dll [fFlags=0x0]
1996241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1997241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefeb90000 LB 0x000d7000 C:\windows\system32\OLEAUT32.dll [fFlags=0x0]
1998241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1999241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefed10000 LB 0x00203000 C:\windows\system32\ole32.dll [fFlags=0x0]
2000241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2001241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd500000 LB 0x0001a000 C:\windows\system32\DEVOBJ.dll [fFlags=0x0]
2002241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
2003241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2004241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefb8e0000 LB 0x00018000 C:\windows\system32\dwmapi.dll [fFlags=0x0]
2005241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2006241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2007241c.2cd8: supR3HardenedDllNotificationCallback: load 00000000664c0000 LB 0x002de000 c:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
2008241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2009241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
2010241c.2cd8: supR3HardenedDllNotificationCallback: load 0000000064470000 LB 0x0096c000 c:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
2011241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
2012241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefe750000 LB 0x00097000 C:\windows\system32\COMDLG32.dll [fFlags=0x0]
2013241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comdlg32.dll
2014241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
2015241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2016241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2017241c.2cd8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll)
2018241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
2019241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef7b30000 LB 0x000a0000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll [fFlags=0x0]
2020241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [avoiding WinVerifyTrust]
2021241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd550000 LB 0x00d89000 C:\windows\system32\SHELL32.dll [fFlags=0x0]
2022241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2023241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2024241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefadb0000 LB 0x0003b000 C:\windows\system32\WINMM.dll [fFlags=0x0]
2025241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2026241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
2027241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef8320000 LB 0x00071000 C:\windows\system32\WINSPOOL.DRV [fFlags=0x0]
2028241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winspool.drv
2029241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2030241c.2cd8: supR3HardenedDllNotificationCallback: load 00000000628f0000 LB 0x000dc000 c:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
2031241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2032241c.2cd8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'.
2033241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [rescheduled]
2034241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
2035241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2036241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2037241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2038241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2039241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2040241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2041241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008db2e0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2042241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe9c0000 'C:\windows\system32\imm32.dll'
2043241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed8dc0000 'c:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
2044241c.2cd8: SUPR3HardenedMain: Calling TrustedMain (000007fed8dc10d0)...
2045241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2046241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2047241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefadb0000 'C:\windows\system32\winmm.dll'
2048241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000584 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2049241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2050241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2051241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
2052241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
2053241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2054241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2055241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2056241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
2057241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
2058241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2059241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2060241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2061241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2062241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2063241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2064241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2065241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c402c0:C:\windows\system32;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2066241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2067241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefb880000 LB 0x00056000 C:\windows\system32\uxtheme.dll [fFlags=0x0]
2068241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2069241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2070241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2071241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c402c0:C:\windows\system32;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2072241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2073241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2074241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c40fd0:C:\windows\system32;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2075241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2076241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2077241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c40fd0:C:\windows\system32;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2078241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2079241c.2cd8: \Device\HarddiskVolume2\Temp\ammemb64.dll: Owner is administrators group.
2080241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'oleaut32.dll'.
2081241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
2082241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2083241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2084241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msimg32.dll'.
2085241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
2086241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'version.dll'.
2087241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'.
2088241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
2089241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
2090241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
2091241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'comctl32.dll'.
2092241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'shell32.dll'.
2093241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'.
2094241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'shlwapi.dll'.
2095241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'.
2096241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Temp\ammemb64.dll) WinVerifyTrust
2097241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Temp\ammemb64.dll
2098241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2099241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2100241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2101241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2102241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2103241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2104241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2105241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2106241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2107241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2108241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
2109241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
2110241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\comctl32.dll
2111241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2112241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2113241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2114241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2115241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2116241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2117241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2118241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2119241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2120241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2121241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2122241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
2123241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume2\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
2124241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005a8 pwszName=\Device\HarddiskVolume2\Windows\System32\version.dll
2125241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2126241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2127241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A3AB94A028D0330A3DBCAE54C04C648532198DB9
2128241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\version.dll'
2129241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2130241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
2131241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\version.dll) WinVerifyTrust
2132241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\version.dll
2133241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2134241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2135241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msimg32.dll'...
2136241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msimg32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msimg32.dll' [rcNtRedir=0xc0150008]
2137241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005b4 pwszName=\Device\HarddiskVolume2\Windows\System32\msimg32.dll
2138241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2139241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2140241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DD85FB140648D8D237C5E42CF5D75761964E08F0
2141241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\msimg32.dll'
2142241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2143241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
2144241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msimg32.dll) WinVerifyTrust
2145241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msimg32.dll
2146241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2147241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2148241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2149241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2150241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2151241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2152241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2153241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2154241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2155241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2156241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2157241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2158241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2159241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
2160241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=c:\temp\ammemb64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c46c90:c:\temp;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2161241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Temp\ammemb64.dll
2162241c.2cd8: supR3HardenedDllNotificationCallback: load 00000000041d0000 LB 0x001ad000 c:\temp\ammemb64.dll [fFlags=0x0]
2163241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Temp\ammemb64.dll
2164241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msimg32.dll
2165241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefa350000 LB 0x00007000 C:\windows\system32\msimg32.dll [fFlags=0x0]
2166241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msimg32.dll
2167241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll
2168241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefc640000 LB 0x0000c000 C:\windows\system32\version.dll [fFlags=0x0]
2169241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll
2170241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2171241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2172241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
2173241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2174241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2175241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
2176241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2177241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (Input=shell32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2178241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\windows\system32\shell32.dll'
2179241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2180241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shlwapi.dll (Input=shlwapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2181241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff2a0000 'C:\windows\system32\shlwapi.dll'
2182241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2183241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (Input=uxtheme.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2184241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2185241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2186241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2187241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb8e0000 'C:\windows\system32\dwmapi.dll'
2188241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000041d0000 'c:\temp\ammemb64.dll'
2189241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2190241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\dwmapi.dll (Input=dwmapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2191241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb8e0000 'C:\windows\system32\dwmapi.dll'
2192241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
2193241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2194241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd010000 'C:\windows\system32\CRYPTBASE.dll'
2195241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2196241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2197241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\windows\system32\shell32.dll'
2198241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2199241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2200241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
2201241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2202241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2203241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2204241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2205241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2206241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2207241c.2cd8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\windows\system32\wintab32.dll': 0 (NtPath=\??\C:\windows\system32\wintab32.dll; Input=C:\windows\system32\wintab32.dll; rcNtGetDll=0x0
2208241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2209241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\windows\system32\wintab32.dll'
2210241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
2211241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\user32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2212241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000771b0000 'C:\windows\system32\user32.dll'
2213241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2214241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000771b0000 'C:\windows\system32\user32.dll'
2215241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\advapi32.dll'
2216241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2217241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2218241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd4b0000 'C:\windows\system32\userenv.dll'
2219241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2220241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2221241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
2222241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000610 pwszName=\Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2223241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2224241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2225241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B01469787CE9D8C6FEE98FB207652B88B8494526
2226241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
2227241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2228241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2229241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2230241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2231241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2232241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2233241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
2234241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll) WinVerifyTrust
2235241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2236241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2237241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2238241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2239241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2240241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2241241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2242241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2243241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2244241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2245241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2246241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2247241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2248241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2249241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2250241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2251241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CLBCatQ.DLL (Input=CLBCatQ.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008daef0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2252241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2253241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefec70000 LB 0x00099000 C:\windows\system32\CLBCatQ.DLL [fFlags=0x0]
2254241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2255241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefec70000 'C:\windows\system32\CLBCatQ.DLL'
2256241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.dll'
2257241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
2258241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008db250:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2259241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb60000 'C:\windows\system32\CRYPTSP.dll'
2260241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000630 pwszName=\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2261241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2262241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2263241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DFC4A7C7E103D324218E6EF5D219B953746D6EC1
2264241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll'
2265241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2266241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2267241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll) WinVerifyTrust
2268241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2269241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2270241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2271241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\RpcRtRemote.dll (Input=RpcRtRemote.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008db250:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2272241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2273241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefd0c0000 LB 0x00014000 C:\windows\system32\RpcRtRemote.dll [fFlags=0x0]
2274241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\RpcRtRemote.dll
2275241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd0c0000 'C:\windows\system32\RpcRtRemote.dll'
2276241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2277241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2278241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
2279241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
2280241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2281241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
2282241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2283241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
2284241c.2bd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
2285241c.2bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2286241c.2bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2287241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2288241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2289241c.2bd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2290241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2291241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2292241c.2bd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2293241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2294241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2295241c.2bd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2296241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
2297241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume2\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
2298241c.2bd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll
2299241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2300241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2301241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2302241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2303241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
2304241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
2305241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000670 pwszName=\Device\HarddiskVolume2\Windows\System32\psapi.dll
2306241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2307241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2308241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=561BAAB249C395B66D294444DF251EDB701DB607
2309241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\psapi.dll'
2310241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2311241c.2bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\psapi.dll) WinVerifyTrust
2312241c.2bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\psapi.dll
2313241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2314241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2315241c.2bd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2316241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2317241c.2bd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2318241c.2bd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
2319241c.2bd4: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000090bd60:c:\Program Files\Oracle\VirtualBox;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2320241c.2bd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2321241c.2bd4: supR3HardenedDllNotificationCallback: load 000007fed87e0000 LB 0x005d8000 c:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2322241c.2bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2323241c.2bd4: supR3HardenedDllNotificationCallback: load 0000000077590000 LB 0x00007000 C:\windows\system32\PSAPI.DLL [fFlags=0x0]
2324241c.2bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\psapi.dll
2325241c.2bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed87e0000 'c:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2326241c.2bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\Windows\system32\oleaut32.dll'
2327241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000694 pwszName=\Device\HarddiskVolume2\Windows\System32\sxs.dll
2328241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2329241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2330241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCAC019C19F878C2B628662A84ECE75A01818BC9
2331241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\sxs.dll'
2332241c.2bd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2333241c.2bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sxs.dll) WinVerifyTrust
2334241c.2bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sxs.dll
2335241c.2bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\SXS.DLL (Input=SXS.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008dba30:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2336241c.2bd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
2337241c.2bd4: supR3HardenedDllNotificationCallback: load 000007fefd020000 LB 0x00091000 C:\windows\system32\SXS.DLL [fFlags=0x0]
2338241c.2bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sxs.dll
2339241c.2bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd020000 'C:\windows\system32\SXS.DLL'
2340241c.2bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.dll'
2341241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\windows\system32\OLEAUT32.dll'
2342241c.2cd8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\windows\system32\wintab32.dll': 0 (NtPath=\??\C:\windows\system32\wintab32.dll; Input=C:\windows\system32\wintab32.dll; rcNtGetDll=0x0
2343241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008dbbe0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2344241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\windows\system32\wintab32.dll'
2345241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef20000 'C:\windows\system32\gdi32.dll'
2346241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000771b0000 'C:\windows\system32\user32.dll'
2347241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2348241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000008dbd90:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2349241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\windows\system32\shell32.dll'
2350241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.DLL'
2351241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a60 pwszName=\Device\HarddiskVolume2\Windows\System32\apphelp.dll
2352241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2353241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2354241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82846C7DC170BBD7F68FE9966A8D339A60BCFF16
2355241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\apphelp.dll'
2356241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2357241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll) WinVerifyTrust
2358241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
2359241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
2360241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll
2361241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fefcf70000 LB 0x00057000 C:\windows\system32\apphelp.dll [fFlags=0x0]
2362241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll
2363241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcf70000 'C:\windows\system32\apphelp.dll'
2364241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxoglhostcrutil.dll'.
2365241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2366241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
2367241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtcorevbox4.dll'.
2368241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtguivbox4.dll'.
2369241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtopenglvbox4.dll'.
2370241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'opengl32.dll'.
2371241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe)
2372241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
2373241c.2cd8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe'
2374241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
2375241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
2376241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2377241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
2378241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
2379241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
2380241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
2381241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
2382241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
2383241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
2384241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
2385241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
2386241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2387241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2388241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2389241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2390241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2391241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2392241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2393241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2394241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'shlwapi.dll'.
2395241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
2396241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll) WinVerifyTrust
2397241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2398241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2399241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2400241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2401241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2402241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2403241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2404241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2405241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2406241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2407241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2408241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe880000 'C:\windows\system32\ADVAPI32.dll'
2409241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2410241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a09a0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2411241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32\kernel32.dll'
2412241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2413241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a09a0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2414241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\windows\system32\ole32.dll'
2415241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
2416241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c413f0:C:\windows\system32;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2417241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff320000 'C:\windows\system32\MSCTF.dll'
2418241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2419241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a0be0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2420241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\windows\system32\shell32.dll'
2421241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\windows\system32\shell32.dll'
2422241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2423241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a0be0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2424241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb8e0000 'C:\windows\system32\dwmapi.dll'
2425241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb880000 'C:\windows\system32\uxtheme.dll'
2426241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\windows\system32\OLEAUT32.DLL'
2427241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2428241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a0be0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2429241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefadb0000 'C:\windows\system32\WINMM.dll'
2430241c.2cd8: supR3HardenedMonitor_LdrLoadDll: 'C:\windows\system32\comctl32.dll' -> 'C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll' [redir]
2431241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll [redoing WinVerifyTrust]
2432241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e8 pwszName=\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
2433241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2434241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2435241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=761964761EE466757E306124E042F4C2ACBEA092
2436241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB3059317~31bf3856ad364e35~amd64~~6.1.1.0.cat'; file='\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
2437241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2438241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
2439241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll (Input=C:\windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=00000000033a0be0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2440241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7b30000 'C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll'
2441241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2442241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000002c41130:C:\windows\system32;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2443241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefb8e0000 'C:\windows\system32\dwmapi.dll'
2444241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\windows\system32\ole32.dll'
2445241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\windows\system32\OLEAUT32.dll'
2446241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af8 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2447241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2448241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2449241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=41D7AA7A9ECA84ABF6801478BA3134174B21C472
2450241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
2451241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2452241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2453241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'wbemcomn.dll'.
2454241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2455241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2456241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
2457241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2458241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2459241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2460241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2461241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2462241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2463241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2464241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2465241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2466241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2467241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2468241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2469241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2470241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2471241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b00 pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2472241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2473241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2474241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=03D0A77E5195AA70198FDE6C2FAC2C76FF200674
2475241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
2476241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2477241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2478241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2479241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2480241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2481241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
2482241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll) WinVerifyTrust
2483241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2484241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2485241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2486241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2487241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2488241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2489241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2490241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2491241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2492241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2493241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2494241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2495241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2496241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2497241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a7060:C:\windows\system32\wbem;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2498241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2499241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef7590000 LB 0x0000f000 C:\windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2500241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2501241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2502241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef74f0000 LB 0x00086000 C:\windows\system32\wbemcomn.dll [fFlags=0x0]
2503241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2504241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef7590000 'C:\windows\system32\wbem\wbemprox.dll'
2505241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b30 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2506241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2507241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2508241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=83AB88529BF28CFF670EA617E0B9C376CFE28B0F
2509241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
2510241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2511241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2512241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2513241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2514241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2515241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2516241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2517241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2518241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2519241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a7060:C:\windows\system32\wbem;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2520241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2521241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef5690000 LB 0x00014000 C:\windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2522241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2523241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5690000 'C:\windows\system32\wbem\wbemsvc.dll'
2524241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b34 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2525241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2526241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2527241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=391AD7580DBA8EA6A4190F5A010E834B8C320D79
2528241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
2529241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2530241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2531241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'wbemcomn.dll'.
2532241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2533241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2534241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2535241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ntdsapi.dll'.
2536241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2537241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2538241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntdsapi.dll'...
2539241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntdsapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll' [rcNtRedir=0xc0150008]
2540241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b08 pwszName=\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2541241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2542241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2543241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=67C74E045820FCAB3FC8AD5C180928A20C1F11CE
2544241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll'
2545241c.2cd8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2546241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2547241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
2548241c.2cd8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ws2_32.dll'.
2549241c.2cd8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdsapi.dll) WinVerifyTrust
2550241c.2cd8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2551241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2552241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2553241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2554241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2555241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2556241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2557241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2558241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2559241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2560241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2561241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2562241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2563241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2564241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2565241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2566241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2567241c.2cd8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
2568241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2569241c.2cd8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2570241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a7060:C:\windows\system32\wbem;c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2571241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2572241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef5880000 LB 0x000e2000 C:\windows\system32\wbem\fastprox.dll [fFlags=0x0]
2573241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2574241c.2cd8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2575241c.2cd8: supR3HardenedDllNotificationCallback: load 000007fef5850000 LB 0x00027000 C:\windows\system32\NTDSAPI.dll [fFlags=0x0]
2576241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntdsapi.dll
2577241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5880000 'C:\windows\system32\wbem\fastprox.dll'
2578241c.2cd8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2579241c.2cd8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a0fd0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2580241c.2cd8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\windows\system32\OLEAUT32.dll'
2581241c.2880: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2582241c.2880: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
2583241c.2880: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2584241c.2880: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2585241c.2880: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2586241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2587241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2588241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
2589241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
2590241c.2880: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2591241c.2880: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2592241c.2880: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2593241c.2880: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
2594241c.2880: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2595241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2596241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2597241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2598241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2599241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2600241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2601241c.2880: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2602241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2603241c.2880: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2604241c.2880: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2605241c.2880: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2606241c.2880: supR3HardenedDllNotificationCallback: load 000007fedf5b0000 LB 0x0029c000 c:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2607241c.2880: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2608241c.2880: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2609241c.2880: supR3HardenedDllNotificationCallback: load 000000006efe0000 LB 0x0010a000 c:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
2610241c.2880: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxREM.dll
2611241c.2880: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf5b0000 'c:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2612241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ndis.sys'.
2613241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ntoskrnl.exe'.
2614241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetAdp6.sys)
2615241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetAdp6.sys
2616241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetAdp6.sys [avoiding WinVerifyTrust]
2617241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2618241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2619241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
2620241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetLwf.sys)
2621241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetLwf.sys
2622241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetLwf.sys [avoiding WinVerifyTrust]
2623241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2624241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\VBoxUSBMon.sys)
2625241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\VBoxUSBMon.sys
2626241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\VBoxUSBMon.sys [avoiding WinVerifyTrust]
2627241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2628241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\VBoxDrv.sys)
2629241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\VBoxDrv.sys
2630241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\VBoxDrv.sys [avoiding WinVerifyTrust]
2631241c.1a48: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\drivers\VBoxDrv.sys'
2632241c.1a48: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\drivers\VBoxUSBMon.sys'
2633241c.1a48: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetLwf.sys'
2634241c.1a48: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\drivers\VBoxNetAdp6.sys'
2635241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2636241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2637241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2638241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2639241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2640241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2641241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2642241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2643241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2644241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2645241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2646241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2647241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2648241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2649241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2650241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2651241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2652241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'pshed.dll'.
2653241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2654241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'kdcom.dll'.
2655241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'clfs.sys'.
2656241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ci.dll'.
2657241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe) WinVerifyTrust
2658241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2659241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2660241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2661241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2662241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
2663241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume2\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
2664241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2665241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2666241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msrpc.sys'.
2667241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\netio.sys) WinVerifyTrust
2668241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\netio.sys
2669241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2670241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2671241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2672241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2673241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
2674241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys) WinVerifyTrust
2675241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys
2676241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2677241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2678241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2679241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2680241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2681241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2682241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2683241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2684241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys
2685241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
2686241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume2\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
2687241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\netio.sys
2688241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2689241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2690241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2691241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'kdcom.dll'.
2692241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
2693241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\hal.dll) WinVerifyTrust
2694241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\hal.dll
2695241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2696241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2697241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2698241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
2699241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'msrpc.sys' -> '\Device\HarddiskVolume2\Windows\System32\drivers\msrpc.sys' [rcNtRedir=0xc0150008]
2700241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2701241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\drivers\msrpc.sys) WinVerifyTrust
2702241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\drivers\msrpc.sys
2703241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2704241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2705241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\drivers\ndis.sys
2706241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2707241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2708241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2709241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ci.dll'...
2710241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ci.dll' -> '\Device\HarddiskVolume2\Windows\System32\ci.dll' [rcNtRedir=0xc0150008]
2711241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2712241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ci.dll) WinVerifyTrust
2713241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ci.dll
2714241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'clfs.sys'...
2715241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'clfs.sys' -> '\Device\HarddiskVolume2\Windows\System32\clfs.sys' [rcNtRedir=0xc0150008]
2716241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2717241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clfs.sys) WinVerifyTrust
2718241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clfs.sys
2719241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
2720241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume2\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
2721241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2722241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2723241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kdcom.dll) WinVerifyTrust
2724241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kdcom.dll
2725241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2726241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2727241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\hal.dll
2728241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
2729241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume2\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
2730241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2731241c.1a48: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2732241c.1a48: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\PSHED.DLL) WinVerifyTrust
2733241c.1a48: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\PSHED.DLL
2734241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2735241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2736241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\hal.dll
2737241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2738241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2739241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2740241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2741241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume2\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2742241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\hal.dll
2743241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2744241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2745241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2746241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2747241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2748241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe
2749241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2750241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2751241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2752241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2753241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
2754241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume2\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
2755241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\PSHED.DLL
2756241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
2757241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume2\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
2758241c.1a48: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kdcom.dll
2759241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2760241c.1a48: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume2\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2761241c.1a48: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2762241c.1a48: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2763241c.1a48: supR3HardenedDllNotificationCallback: load 000007fef5160000 LB 0x0000a000 c:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2764241c.1a48: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2765241c.1a48: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5160000 'c:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2766241c.27c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2767241c.27c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2768241c.27c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2769241c.27c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2770241c.27c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2771241c.27c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2772241c.27c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2773241c.27c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2774241c.27c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2775241c.27c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2776241c.27c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2777241c.27c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2778241c.27c0: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2779241c.27c0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2780241c.27c0: supR3HardenedDllNotificationCallback: load 000007fef6910000 LB 0x0000d000 c:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2781241c.27c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2782241c.27c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef6910000 'c:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2783241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxTestOGL.exe
2784241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2785241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
2786241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2787241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxvmm.dll'.
2788241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxoglrenderspu.dll'.
2789241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
2790241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ole32.dll'.
2791241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'oleaut32.dll'.
2792241c.2f1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll) WinVerifyTrust
2793241c.2f1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
2794241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2795241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2796241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2797241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2798241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2799241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2800241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglrenderspu.dll'...
2801241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglrenderspu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglrenderspu.dll' [rcNtRedir=0xc0150008]
2802241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2803241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
2804241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2805241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2806241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
2807241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
2808241c.2f1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll) WinVerifyTrust
2809241c.2f1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2810241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2811241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2812241c.2f1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2813241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2814241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2815241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2816241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2817241c.2f1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2818241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2819241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2820241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2821241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2822241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2823241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2824241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2825241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2826241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2827241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2828241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2829241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2830241c.2f1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2831241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2832241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2833241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2834241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
2835241c.2f1c: supR3HardenedDllNotificationCallback: load 000007fedf480000 LB 0x0012c000 c:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL [fFlags=0x0]
2836241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.dll
2837241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2838241c.2f1c: supR3HardenedDllNotificationCallback: load 000007feebf20000 LB 0x00034000 c:\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll [fFlags=0x0]
2839241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2840241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2841241c.2f1c: supR3HardenedDllNotificationCallback: load 000007fef47b0000 LB 0x00028000 c:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll [fFlags=0x0]
2842241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2843241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedf480000 'c:\Program Files\Oracle\VirtualBox\VBoxSharedCrOpenGL.DLL'
2844241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll
2845241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2846241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef47b0000 'c:\Program Files\Oracle\VirtualBox\VBoxOGLrenderspu.dll'
2847241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2848241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxoglhostcrutil.dll'.
2849241c.2f1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll) WinVerifyTrust
2850241c.2f1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2851241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxoglhostcrutil.dll'...
2852241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxoglhostcrutil.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxoglhostcrutil.dll' [rcNtRedir=0xc0150008]
2853241c.2f1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhostcrutil.dll
2854241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2855241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2856241c.2f1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
2857241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2858241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2859241c.2f1c: supR3HardenedDllNotificationCallback: load 000007feec090000 LB 0x0001a000 c:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll [fFlags=0x0]
2860241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll
2861241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec090000 'c:\Program Files\Oracle\VirtualBox\VBoxOGLhosterrorspu.dll'
2862241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2863241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32/opengl32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2864241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2865241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32/opengl32.dll'
2866241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2867241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2868241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2869241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef20000 'C:\windows\system32\gdi32.dll'
2870241c.2f1c: \Device\HarddiskVolume2\Windows\System32\ig75icd64.dll: Owner is administrators group.
2871241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cd0 pwszName=\Device\HarddiskVolume2\Windows\System32\ig75icd64.dll
2872241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2873241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2874241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E21D55990A8A365CF05132E3E5FF9898A4D3D8
2875241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT'; file='\Device\HarddiskVolume2\Windows\System32\ig75icd64.dll'
2876241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2877241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
2878241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'igdusc64.dll'.
2879241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2880241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
2881241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2882241c.2f1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'dwmapi.dll'.
2883241c.2f1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ig75icd64.dll) WinVerifyTrust
2884241c.2f1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ig75icd64.dll
2885241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
2886241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
2887241c.2f1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
2888241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2889241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2890241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2891241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2892241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2893241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2894241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'igdusc64.dll'...
2895241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'igdusc64.dll' -> '\Device\HarddiskVolume2\Windows\System32\igdusc64.dll' [rcNtRedir=0xc0150008]
2896241c.2f1c: \Device\HarddiskVolume2\Windows\System32\igdusc64.dll: Owner is administrators group.
2897241c.2f1c: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010a (CERT_E_CHAINING) on '\Device\HarddiskVolume2\Windows\System32\igdusc64.dll'
2898241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ce0 pwszName=\Device\HarddiskVolume2\Windows\System32\igdusc64.dll
2899241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2900241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2901241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5DB62DCBAA068FC5EA6D7F40F1B18E3AA6CA6F2C
2902241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT'; file='\Device\HarddiskVolume2\Windows\System32\igdusc64.dll'
2903241c.2f1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (was CERT_E_CHAINING)
2904241c.2f1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\igdusc64.dll) WinVerifyTrust
2905241c.2f1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\igdusc64.dll
2906241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
2907241c.2f1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
2908241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\ig75icd64.dll (Input=ig75icd64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2909241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ig75icd64.dll
2910241c.2f1c: supR3HardenedDllNotificationCallback: load 0000000180000000 LB 0x007de000 C:\windows\system32\ig75icd64.dll [fFlags=0x0]
2911241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ig75icd64.dll
2912241c.2f1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\igdusc64.dll
2913241c.2f1c: supR3HardenedDllNotificationCallback: load 000007fef34a0000 LB 0x00460000 C:\windows\system32\igdusc64.dll [fFlags=0x0]
2914241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\igdusc64.dll
2915241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000180000000 'C:\windows\system32\ig75icd64.dll'
2916241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef20000 'C:\windows\system32\gdi32.dll'
2917241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefef20000 'C:\windows\system32\gdi32.dll'
2918241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll
2919241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\version.dll (Input=version.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2920241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc640000 'C:\windows\system32\version.dll'
2921241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2922241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2923241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2924241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2925241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2926241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2927241c.2f1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2928241c.2f1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\OPENGL32.dll (Input=OPENGL32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000033a1180:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2929241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2930241c.2f1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feec1b0000 'C:\windows\system32\OPENGL32.dll'
2931241c.2790: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2932241c.2790: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2933241c.2790: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2934241c.2790: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
2935241c.2790: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2936241c.2790: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2937241c.2790: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2938241c.2790: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2939241c.2790: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2940241c.2790: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2941241c.2790: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2942241c.2790: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2943241c.2790: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2944241c.2790: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2945241c.2790: supR3HardenedDllNotificationCallback: load 000007fef5150000 LB 0x0000f000 c:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
2946241c.2790: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2947241c.2790: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef5150000 'c:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
2948241c.1b8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2949241c.1b8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2950241c.1b8c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2951241c.1b8c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
2952241c.1b8c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2953241c.1b8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2954241c.1b8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2955241c.1b8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2956241c.1b8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2957241c.1b8c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2958241c.1b8c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2959241c.1b8c: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2960241c.1b8c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2961241c.1b8c: supR3HardenedDllNotificationCallback: load 000007fef44f0000 LB 0x0000e000 c:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
2962241c.1b8c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2963241c.1b8c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef44f0000 'c:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
2964241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd550000 'C:\windows\system32/Shell32.dll'
2965241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefed10000 'C:\windows\system32\ole32.dll'
2966241c.2ed8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2967241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefe5b0000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
2968241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
2969241c.2ed8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
2970241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd180000 'C:\windows\system32\profapi.dll'
2971241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2972241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2973241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2974241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
2975241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
2976241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2977241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2978241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
2979241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
2980241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
2981241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
2982241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
2983241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2984241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2985241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e08 pwszName=\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2986241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
2987241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
2988241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3BDC72529DA09BA841BE702C4C902C8AA1242642
2989241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL'
2990241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2991241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2992241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'nsi.dll'.
2993241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'winnsi.dll'.
2994241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
2995241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2996241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2997241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2998241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2999241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3000241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3001241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
3002241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3003241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3004241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
3005241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3006241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3007241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
3008241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
3009241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3010241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3011241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3012241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
3013241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3014241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
3015241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
3016241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3017241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3018241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3019241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
3020241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
3021241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
3022241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
3023241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3024241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3025241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3026241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3027241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3028241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3029241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3030241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3031241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3032241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3033241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
3034241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume2\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
3035241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e18 pwszName=\Device\HarddiskVolume2\Windows\System32\newdev.dll
3036241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
3037241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
3038241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F4B2CF91DA6B4233E3BF5D2EC9677240BFF983C
3039241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume2\Windows\System32\newdev.dll'
3040241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3041241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3042241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3043241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
3044241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
3045241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
3046241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
3047241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
3048241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\newdev.dll) WinVerifyTrust
3049241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\newdev.dll
3050241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3051241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3052241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
3053241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3054241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3055241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3056241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3057241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3058241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3059241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3060241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3061241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3062241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3063241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3064241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3065241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3066241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3067241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3068241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
3069241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
3070241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000dfc pwszName=\Device\HarddiskVolume2\Windows\System32\winnsi.dll
3071241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
3072241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
3073241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B28F3E0DF5586B9FB3AEAC48E4ECCA0AFB6ABD91
3074241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
3075241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3076241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3077241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
3078241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
3079241c.2ed8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll) WinVerifyTrust
3080241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
3081241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3082241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3083241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
3084241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3085241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3086241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3087241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3088241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
3089241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3090241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3091241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3092241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3093241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3094241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3095241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
3096241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3097241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3098241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
3099241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
3100241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume2\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
3101241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3102241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3103241c.2ed8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
3104241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3105241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3106241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3107241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3108241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3109241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3110241c.2ed8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
3111241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
3112241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fedeb90000 LB 0x008e5000 c:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
3113241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
3114241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3115241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fee84f0000 LB 0x00061000 c:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3116241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3117241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\newdev.dll
3118241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fee64d0000 LB 0x00051000 C:\windows\system32\newdev.dll [fFlags=0x0]
3119241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\newdev.dll
3120241c.2ed8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3121241c.2ed8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\devrtl.dll)
3122241c.2ed8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devrtl.dll
3123241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fefc130000 LB 0x00012000 C:\windows\system32\devrtl.DLL [fFlags=0x0]
3124241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
3125241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3126241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fee7e60000 LB 0x00035000 c:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3127241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3128241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
3129241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fefa8b0000 LB 0x00027000 C:\windows\system32\IPHLPAPI.DLL [fFlags=0x0]
3130241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
3131241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
3132241c.2ed8: supR3HardenedDllNotificationCallback: load 000007fefa8a0000 LB 0x0000b000 C:\windows\system32\WINNSI.DLL [fFlags=0x0]
3133241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll
3134241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedeb90000 'c:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
3135241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e10 pwszName=\Device\HarddiskVolume2\Windows\System32\devrtl.dll
3136241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002c315f0
3137241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002c315f0
3138241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=445E5B0E9F43B5D56A5B9C4BC3369E3D076ACA1A
3139241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
3140241c.2ed8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3141241c.2ed8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\devrtl.dll'
3142241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
3143241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3144241c.2ed8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3145241c.2ed8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
3146241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
3147241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fed87e0000 'c:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
3148241c.2ed8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3149241c.2ed8: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
3150241c.2ed8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3151241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e60000 'c:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
3152241c.2fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3153241c.2fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3154241c.2fa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3155241c.2fa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3156241c.2fa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3157241c.2fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3158241c.2fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3159241c.2fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3160241c.2fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3161241c.2fa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3162241c.2fa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3163241c.2fa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3164241c.2fa0: supR3HardenedMonitor_LdrLoadDll: pName=c:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000568a9b0:c:\Program Files\Oracle\VirtualBox;C:\windows\system32 [calling]
3165241c.2fa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3166241c.2fa0: supR3HardenedDllNotificationCallback: load 000007feebf90000 LB 0x0000d000 c:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3167241c.2fa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3168241c.2fa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feebf90000 'c:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3169241c.2ed8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00000000772b0000 'C:\windows\system32/kernel32.dll'
3170241c.2880: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefeb90000 'C:\windows\system32\OLEAUT32.dll'
3171241c.1a84: supR3HardenedDllNotificationCallback: Unload 00000000041d0000 LB 0x001ad000 c:\temp\ammemb64.dll [flags=0x0]
3172241c.1a84: supR3HardenedDllNotificationCallback: Unload 000007fefa350000 LB 0x00007000 C:\windows\system32\msimg32.dll [flags=0x0]
31731328.2e80: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc000041d (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 13640 ms, the end);
31741538.294c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc000041d (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 14231 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy